Amazon ZAP Security Test Report

This is Amazon zap security test report

Sites: https://beacons.gcp.gvt2.com https://consent.google.com https://apis.google.com http://www.gstatic.com https://csp.withgoogle.com https://fonts.gstatic.com https://www.google.com https://update.googleapis.com https://optimizationguide-pa.googleapis.com https://fls-na.amazon.com https://content-autofill.googleapis.com https://images-na.ssl-images-amazon.com https://www.amazon.com https://accounts.google.com

Generated on Wed, 6 Dec 2023 15:17:56

ZAP Version: 2.14.0

Summary of Alerts

Risk Level Number of Alerts
High
1
Medium
8
Low
10
Informational
13
False Positives:
0

Alerts

Name Risk Level Number of Instances
PII Disclosure High 3
Absence of Anti-CSRF Tokens Medium 1535
CSP: Wildcard Directive Medium 324
CSP: script-src unsafe-eval Medium 54
CSP: script-src unsafe-inline Medium 265
CSP: style-src unsafe-inline Medium 324
Content Security Policy (CSP) Header Not Set Medium 879
Cross-Domain Misconfiguration Medium 7
Missing Anti-clickjacking Header Medium 126
Application Error Disclosure Low 1
CSP: Notices Low 326
Cookie No HttpOnly Flag Low 698
Cookie Without Secure Flag Low 204
Cookie with SameSite Attribute None Low 4
Cookie without SameSite Attribute Low 699
Cross-Domain JavaScript Source File Inclusion Low 92
Strict-Transport-Security Header Not Set Low 99
Timestamp Disclosure - Unix Low 181
X-Content-Type-Options Header Missing Low 608
Content Security Policy (CSP) Report-Only Header Found Informational 255
Content-Type Header Missing Informational 77
Cookie Poisoning Informational 3
Information Disclosure - Sensitive Information in URL Informational 8
Information Disclosure - Suspicious Comments Informational 927
Loosely Scoped Cookie Informational 204
Modern Web Application Informational 701
Re-examine Cache-control Directives Informational 785
Retrieved from Cache Informational 20
Session Management Response Identified Informational 398
User Controllable Charset Informational 1
User Controllable HTML Element Attribute (Potential XSS) Informational 438
User Controllable JavaScript Event (XSS) Informational 1

Alert Detail

High
PII Disclosure
Description
The response contains Personally Identifiable Information, such as CC number, SSN and similar sensitive data.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence 2483579572044704
Other Info Credit Card Type detected: Mastercard
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence 4363402370567704
Other Info Credit Card Type detected: Visa Bank Identification Number: 436340 Brand: VISA Category: Issuer:
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 5337109127354704
Other Info Credit Card Type detected: Mastercard Bank Identification Number: 533710 Brand: MASTERCARD Category: Issuer: SUMITOMO MITSUI CARD CO., LTD.
Instances 3
Solution
Check the response for the potential presence of personally identifiable information (PII), ensure nothing sensitive is leaked by the application.
Reference
CWE Id 359
WASC Id 13
Plugin Id 10062
Medium
Absence of Anti-CSRF Tokens
Description
No Anti-CSRF tokens were found in a HTML submission form.

A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL https://www.amazon.com/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E1HJY
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E1NYI
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E1Q5Y
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E1TOM
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E1WYO
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E204K
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E236A
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E260I
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E28WO
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E2BC6
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E2DPQ
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E2GU8
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E2J14
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/B00M3E2LOE
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/gcrnsts
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/-/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/-/en$
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/-/es/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/-/he$
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/-/he/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/1.5x
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/139_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/2.5000x
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/2.5x
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/208.5_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/2192_AC_SX139_SY100_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/2192_AC_SX208.5_SY150_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/2192_AC_SX278_SY200_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/278_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/400_AC_SX139_SY100_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/400_AC_SX208.5_SY150_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/400_AC_SX278_SY200_QL70_.jpg
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/403_AC_SX139_SY100_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/403_AC_SX208.5_SY150_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/403_AC_SX278_SY200_QL70_.png
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/404
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence <form name="prime-up-signup-form" method="post" action="/gp/prime/pipeline/confirm?offerToken=GoSewu-v8EjIusyczL0ZrFKcNK_xnlh1KVX9L7isgNducRYmitIQHcP-ynDfqshRzCDQfEOrEgcVpesqFPmTvw1dCXICZ6wmuKMe2L0j_Q9y--1dTxXr_WerMHWImIr_nHQWisuLkm_EQgE2hzGxEBC68gpiOg0ADGFkz83tlwdRBB8YmaE5Bj6muOveWngeXqQ7s2ZhJB-pLM3MpRKrquCIDADphfJ0H5TkSZBrR6I8zMfjaHD19HX2ENAA6LiUjNkywKc4UCjlXNBSd_RYH9nrKCQcCt44Go9HpS1jJ6KBkIdj-Wf4_Ad6VUdtWtQnPb4EGUEn7GAfDAuJ9dnZV83A5EufgHZ7LzUUkYuB8A4oZ4yVLYGiQjdot6Rw91C6bKbpkkIW_vF04l3k4ltYhcYPHE50kz-YE13cS0Ekhsv3I6dT15gRUHS1tkQ7cggxPQd1v3AKnUOEiq_N3YIsi3qOohDh2IL6dFeQ2wu2LcTfRzE1Z5JYuQx4af9bJyGBmtP-pNtfpu6NgB2n14mg3GUTUOmBJeaqxQtXOKLC9xOGfA1HJ8YPWnwVBIgewnXF0C3UIAEZ6URL9BmLpDamkWgU7AdlBIWk8pn-0I-lj2u0AUgegLWkFM0JLtLEycZfjS4Dv5tLsBYFBh7nfUiy2r-DmAGrKp6xuDFja8QuzVkoIZMuPXNWEMl16MovvPz8VSLvDMHdyA4" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "cancelRedirectURL" "locationID" "offerToken" "previousContainerRequestId" "primeCampaignId" "redirectURL" ].
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence <form name="prime-up-signup-form" method="post" action="/gp/prime/pipeline/confirm?offerToken=GoSewu-v8EjIusyczL0ZrFKcNK_xnlh1KVX9L7isgNducRYmitIQHcP-ynDfqshRzCDQfEOrEgcVpesqFPmTvw1dCXICZ6wmuKMe2L0j_Q9y--1dTxXr_WerMHWImIr_nHQWisuLkm_EQgE2hzGxEBC68gpiOg0ADGFkz83tlwdRBB8YmaE5Bj6muOveWngeXqQ7s2ZhJB-pLM3MpRKrquCIDADphfJ0H5TkSZBrR6I8zMfjaHD19HX2ENAA6LiUjNkywKc4UCjlXNBSd_RYH9nrKCQcCt44Go9HpS1jJ6KBkIdj-Wf4_Ad6VUdtWtQnPb4EGUEn7GAfDAuJ9dnZV83A5EufgHZ7LzUUkYuB8A4oZ4yVLYGiQjdot6Rw91C6bKbpkkIW_vF04l3k4ltYhcYPHE50kz-YE13cS0Ekhsv3I6dT15gRUHS1tkQ7cggxPQd1v3AKnUOEiq_N3YIsi3qOohDh2IL6dFeQ2wu2LcTfRzE1Z5JYuQx4af9bJyGBmtP-pNtfpu6NgB2n14mg3GUTUOmBJeaqxQtXOKLC9xOGfA1HJ8YPWnwVBIgewnXF0C3UIAEZ6URL9BmLpDamkWgU7AdlBIWk8pn-0I-lj2u0AUgegLWkFM0JLtLEycZfjS4Dv5tLsBYFBh7nfUiy2r-DmAGrKp6xuDFja8QuzVkoIZMuPXNWEMl16MovvPz8VSLvDMHdyA4" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "cancelRedirectURL" "locationID" "offerToken" "previousContainerRequestId" "primeCampaignId" "redirectURL" ].
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form id="ap_register_form" name="register" method="post" novalidate action="https://www.amazon.com/ap/register" class="ap_ango_default auth-validate-form-moa auth-real-time-validation">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_customer_name" "ap_email" "ap_password" "ap_password_check" "appAction" "appActionToken" "continue" "openid.return_to" "prevRID" "workflowState" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin/ref=cart_empty_sign_in?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcart%3Fapp-nav-type%3Dnone%26dc%3Ddf
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_email" "ap_password" "appAction" "appActionToken" "create" "encryptedPasswordExpected" "openid.return_to" "prevRID" "rememberMe" "signInSubmit" "workflowState" ].
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-clearable-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_email" "ap_password" "ap_show_password_checked" "appAction" "appActionToken" "auth-show-password-checkbox" "encryptedPasswordExpected" "giveFocusOnMobileToFirstControlFailingValidation" "openid.return_to" "prevRID" "rememberMe" "signInSubmit" "workflowState" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_psr_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fspr%2Freturns%2Fhomepage%2Fhomepage.html%3Fref_%3Dfooter_hy_f_4
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_subscribe_save_myd_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fauto-deliveries%2Fviewsubscriptions%3Fref_%3Dnav_AccountFlyout_sns
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap_email" "ap_password" "appAction" "appActionToken" "create" "encryptedPasswordExpected" "openid.return_to" "prevRID" "rememberMe" "signInSubmit" "workflowState" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_wishlist_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fls&pageId=Amazon
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name="signIn" method="post" novalidate action="https://www.amazon.com/ap/signin" class="auth-validate-form auth-real-time-validation a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "ap-credential-autofill-hint" "ap_email" "appAction" "appActionToken" "continue" "create" "openid.return_to" "prevRID" "subPageType" "workflowState" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=pd_bxgy_crt?_encoding=UTF8&amp;pd_rd_w=gDCGm&amp;content-id=amzn1.sym.839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_p=839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_r=SAD5M4QCABFG9J6DVCM0&amp;pd_rd_wg=ujt1v&amp;pd_rd_r=c57bf6e5-21a7-4e59-b9d3-f2998f0b653f" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "ue_back" ].
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form id="twister" method="get" action="/gp/product" class="a-spacing-small">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ASIN" "dummySubmitButton" "twisterDimKeys" "twisterNonJs" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=pd_day0fbt_softlines_crt?_encoding=UTF8&amp;pd_rd_w=qGYF4&amp;content-id=amzn1.sym.2279ea12-5619-4202-8979-7016a550b5be&amp;pf_rd_p=2279ea12-5619-4202-8979-7016a550b5be&amp;pf_rd_r=8HZK0SF0SPP8EBRNC36C&amp;pd_rd_wg=48BHu&amp;pd_rd_r=c28b73fa-d724-4946-8678-c1246405ac04" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "ue_back" ].
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence <form method="post" id="international-customer-select-preferences-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "lop" ].
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/dp/twister-update/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=0XduUglPDjNSMjsxubrj3Q%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=4CRscPzyeHD5oPwdd4g72g%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=VBA%2FWqJZtFSpIx8jQO%2B2TQ%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/ga/p/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/giveaway/host/setup/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aw/shoppingAids/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/gp/aw/so.html
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_cart
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&amp;pd_rd_i=B096X8471C&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "ue_back" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form id="savedCartViewForm" method="post" action="/cart/ref=ord_cart_shr?app-nav-type=none&amp;dc=df">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "requestID" "timeStamp" "token" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BBPJ1PW6&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BX2MXBH1&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&amp;pd_rd_i=B000XTPNZK&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BB9BMD7F&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_5_atc_a?_encoding=UTF8&amp;pd_rd_i=1649374178&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&amp;pd_rd_i=B08SV2Y7J6&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&amp;pd_rd_i=B017VPIY4U&amp;pd_rd_w=gF1gR&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=SR1A78F8ZX5RPSV4D6CC&amp;pd_rd_wg=6xF9n&amp;pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-pt" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/profile/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/video/api
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence <form action="/wedding/search" class="wedding-find-stripe__form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" "ref_" ].
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hp/video/api
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/music/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/get?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D899f9d5a-aa9a-ac57-0071-071f359074a7%26type%3D55%26m%3D1&ex-fch=416613&ex-hargs=v%3D1.0%3Bc%3D2702107500201%3Bp%3D899F9D5A-AA9A-AC57-0071-071F359074A7&ex-src=https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence <form method="post">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "cross-context-behavioral-ads-opt-in" "cross-context-behavioral-ads-opt-out" "privacy-pref-save" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form class="askQuestionForm" method="POST" action="/ask/questions/asin/B000XTPNZK/create">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "__token_" "askErrorUrl" "askQuestionSource" "askQuestionSourcePage" ].
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form class="askQuestionForm" method="POST" action="/ask/questions/asin/B0BB9BMD7F/create">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "__token_" "askErrorUrl" "askQuestionSource" "askQuestionSourcePage" ].
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form class="askQuestionForm" method="POST" action="/ask/questions/asin/B0BBPJ1PW6/create">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "__token_" "askErrorUrl" "askQuestionSource" "askQuestionSourcePage" ].
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form class="askQuestionForm" method="POST" action="/ask/questions/asin/B0BX2MXBH1/create">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "__token_" "askErrorUrl" "askQuestionSource" "askQuestionSourcePage" ].
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence <form id="gr-find-stripe__form" method="post" action="" class="gr-find-stripe__form a-spacing-medium a-spacing-top-medium">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "name" ].
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence <form id="gr-find-stripe__form" method="post" action="" class="gr-find-stripe__form a-spacing-medium a-spacing-top-medium">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "name" ].
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence <form id="gr-find-stripe__form" method="post" action="" class="gr-find-stripe__form a-spacing-medium a-spacing-top-medium">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "name" ].
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence <form id="gr-find-stripe__form" method="post" action="" class="gr-find-stripe__form a-spacing-medium a-spacing-top-medium">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "name" ].
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="gr-find-stripe__form" method="post" action="" class="gr-find-stripe__form a-spacing-medium a-spacing-top-medium">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "name" ].
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect'>
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+cleaner&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_0
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+glue&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_3
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "content-id" "k" "pd_rd_r" "pd_rd_w" "pd_rd_wg" "pf_rd_p" "pf_rd_r" "qid" "ref" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "content-id" "high-price" "k" "low-price" "pd_rd_r" "pd_rd_w" "pd_rd_wg" "pf_rd_p" "pf_rd_r" "qid" "ref" "rnid" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+skimboard&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_2
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "content-id" "k" "pd_rd_r" "pd_rd_w" "pd_rd_wg" "pf_rd_p" "pf_rd_r" "qid" "ref" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "content-id" "high-price" "k" "low-price" "pd_rd_r" "pd_rd_w" "pd_rd_wg" "pf_rd_p" "pf_rd_r" "qid" "ref" "rnid" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zep&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s/browse/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&ie=UTF8&node=12302698011&pd_rd_i=B0BW2VKGXX&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s/ref=nb_sb_noss?field-keywords=ZAP&url=https%3A%2F%2Fzap.example.com
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3A%2BgnDOQg7ZkELD4ve3ezFEBZ6NXmMmK4ZL9oCbiflnuI&k=ZAP&qid=1701867726&ref=sr_nr_n_7&rh=n%3A3310241011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3A2crFyusus%2B%2B1RT1IwyUcU5XC59VUC46m3qWpeqVgASA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624669011&rnid=116623717011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3A6hO4ACwHHBgsE4GPUVQOCqFN1jLvlSUMJjEDH%2F5O9Xc&k=ZAP&qid=1701867726&ref=sr_nr_n_4&rh=n%3A2625373011%2Cn%3A2858905011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3A9HZGWeEBC7fpeApkrnRZ%2B0noSnyscx6e73bvFE5haRo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_4&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972997011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Aa3L5yTq%2FTwAq%2BJ3vC5KEF7wpuGAqx2rnqT4RadNEQUw&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_five_browse-bin_2&rh=n%3A553844%2Cp_n_feature_five_browse-bin%3A3622357011&rnid=3622346011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AAj5uFUCmzBeIGCB9O4HD5B7ecF9u2cEiX5pLWbA7pbI&k=ZAP&qid=1701867726&ref=sr_nr_n_9&rh=n%3A15342811&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AB4kJcVL6p3ciIEr8VqWzcrfxAqq2mUXrpSaQ8%2BnR2bs&k=ZAP&qid=1701867726&ref=sr_nr_n_5&rh=n%3A2236128011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3ADfC3Jc%2Fathy%2FRtz2qlN4k2fN2W%2B69EMqB0Wj9ogPRng&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624666011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AdJGoKEUeVJUmdp%2FwolJaYem3p4f7gC9xCNmXGyPCG8A&k=ZAP&qid=1701867726&ref=sr_nr_p_n_availability_2&rh=p_n_availability%3A2661601011&rnid=2661599011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AEoJQDIxorNSLVTxbHgjb7OJEBRaD74dfWqIoSpg1yuY&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_five_browse-bin_1&rh=n%3A553844%2Cp_n_feature_five_browse-bin%3A3622349011&rnid=3622346011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AErIi6LrN3colZg%2FVX3I5QfY8FZ7K4mIFZYuGJhCxhJQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624672011&rnid=116623717011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AETFEK2gWyn69GO0z64HRRciTpcLblrr65sAIfWhSrlU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_sb_certificate_id_1&rh=p_n_sb_certificate_id%3A98614993011&rnid=98614992011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Af507bn1iJ3PXzyLGr04rOT25Qu22KyU1gl2ZLLCgDaU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624662011&rnid=116623715011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AfZ8FVSIdc1PbE83G1hsctPSCtZkyHqUed7sUbFVV6fo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_2&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972994011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ah%2BVTVE2AY0cxrNzy9enMcGam8OMSH48bPEIgoSrF0L4&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_forty-one_browse-bin_1&rh=n%3A2972638011%2Cp_n_feature_forty-one_browse-bin%3A119653281011&rnid=119653280011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "dc" "i" "k" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "dc" "high-price" "i" "k" "low-price" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s?dc&ds=v1%3AHGxFMrFiQgPStU10MEDG2rHilbXMy1djT748rHIuYsY&k=ZAP&qid=1701867726&ref=sr_nr_p_36_2&rh=n%3A2972638011%2Cp_36%3A2661613011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AHQQ5UvgIDzXjeyXJZOPUFZRnWvkJRVAnXZ8RUO3%2FugI&k=ZAP&qid=1701867726&ref=sr_nr_p_72_3&rh=p_72%3A2661620011&rnid=2661617011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AiZCunxarHdwKSUxjmUjqhaddqL9uXJe1Z72Roe%2BmcVY&k=ZAP&qid=1701867726&ref=sr_nr_p_72_4&rh=p_72%3A2661621011&rnid=2661617011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Aj8puxO0oy%2FGawj%2FmWFlf9y3TMbdwSH6VTItIe6xBlLw&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624670011&rnid=116623717011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Ak2x2B5%2FPbUY3SdCV%2F1UvaNsUmRunD0PPx7Q1c61Gung&k=ZAP&qid=1701867726&ref=sr_nr_p_36_4&rh=n%3A2972638011%2Cp_36%3A2661615011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AlqYbcZALOVGXWSl080MnUWXsxFJIhrYnn3ovkyIP%2BTE&k=ZAP&qid=1701867726&ref=sr_nr_n_2&rh=n%3A2625373011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3ALVQLAHCecwjxfLgrctm3Wgujr%2BYp6xiUGIEBdQ2VTuc&k=ZAP&qid=1701867726&ref=sr_nr_p_72_1&rh=p_72%3A2661618011&rnid=2661617011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "dc" "i" "k" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "dc" "high-price" "i" "k" "low-price" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s?dc&ds=v1%3AMPk1Axx7H3xe85ZYUl16%2B36IbpwqDvdhLSCh93XikfQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_date_first_available_absolute_1&rh=n%3A2972638011%2Cp_n_date_first_available_absolute%3A2661609011&rnid=2661608011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AmQlpkGxEtH%2BGPX%2FFgthYt7jlu8EmzymK%2FbBMCB%2FWY90&k=ZAP&qid=1701867726&ref=sr_nr_n_1&rh=n%3A3738021&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AN2y66%2BjGnwLPLT9Ad%2BUnyZB%2FKps1hzMH6SBRGmwZF%2B4&k=ZAP&qid=1701867726&ref=sr_nr_p_36_1&rh=n%3A2972638011%2Cp_36%3A2661612011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AO%2B1glBJ6PwcMM8lxLfbM2uHUBJepAKX0qX4W28A9ljA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_deal_type_1&rh=p_n_deal_type%3A23566065011&rnid=23566063011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AOIBjDd7i2iZ4Q1LgiAGExL%2BNbT9qF7db2T6cCPGfHA0&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624667011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AOWy6AIfDqMbYmFIk9qKX3Zu8x7CduUIZkBJpcrXpiGA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_3&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972992011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AP4ZYziMF29gHf0wFsf8JQ0iT2Qa2v0IbDdFEYUT6oms&k=ZAP&qid=1701867726&ref=sr_nr_p_89_2&rh=n%3A2972638011%2Cp_89%3AAMUFER&rnid=2528832011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AP9Y1DGUekhwZJEj5l4M%2BDeMqHbtOcbH4OlJJq%2BLMkZs&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_5&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972983011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3ApF%2Fam6Ycg%2BXg69FChSeHZARGZCjZ7%2BHOj7nL%2FRgx1TU&k=ZAP&qid=1701867726&ref=sr_nr_n_8&rh=n%3A3737901&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AQgf545ZuA2jEc1bxVS3yR7eKXMWFs069s7I7wrdkk9w&k=ZAP&qid=1701867726&ref=sr_nr_p_36_3&rh=n%3A2972638011%2Cp_36%3A2661614011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AqsV428nc0lCi%2BF4WKVuvZWHSeZPKaliyKi9CvFlUXe4&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624661011&rnid=116623715011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3ArfSTulZPqfJAHvdysD9XF1SMxq%2BdLm0bJr28LYz0ym8&k=ZAP&qid=1701867726&ref=sr_nr_p_89_3&rh=n%3A2972638011%2Cp_89%3AMosiller&rnid=2528832011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "dc" "i" "k" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/s?dc&ds=v1%3Atz301C2BNRRhzs%2FXdAaNoYRM4gLlE71cHOmZcxKi3Eg&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_1&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972982011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AUfZokyaknMPMTqRPrIDdfcpFrnToD5OBpVaKPvp8pW0&k=ZAP&qid=1701867726&ref=sr_nr_p_n_date_first_available_absolute_2&rh=n%3A2972638011%2Cp_n_date_first_available_absolute%3A2661610011&rnid=2661608011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AuJO0zldyeQF3qbBEzLRc0ujBz906IUjSBK0FN37qyeY&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624663011&rnid=116623715011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AvgHZh9iFYqLIsprMnQZFaHLY0IP2Y092OCgmWPpZJwI&k=ZAP&qid=1701867726&ref=sr_nr_p_n_deal_type_2&rh=p_n_deal_type%3A23566064011&rnid=23566063011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AvZJmqOwpJGP5PtQR60%2FsfDe7qBWbpC9yXgGk%2FfaAcVQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_6&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972990011&rnid=2972980011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AW7I0E02CY0iCYRkycCLENS8sgA1Evgv%2FqmnjoDkZaJY&k=ZAP&qid=1701867726&ref=sr_nr_n_6&rh=n%3A13398611&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AWcj9ZdCeQuRX3AY2wUotx85egurfOmXy1USjFddsNgs&k=ZAP&qid=1701867726&ref=sr_nr_p_n_condition-type_1&rh=n%3A2972638011%2Cp_n_condition-type%3A6358196011&rnid=6358194011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3Awp%2BGwDVLpOrgR5aIprd9KEZPBSBdSgy7Lbowk3eiaAo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624664011&rnid=116623715011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AwwhK4KmVli9s9YcgOcWqpFCNe8HXnkoBs9PJQY3P5ac&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624671011&rnid=116623717011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AxfgPZmrOdMQ94WkDNM%2FSkEnghyIQYK4pqckhjNuH6Mc&k=ZAP&qid=1701867726&ref=sr_nr_p_72_2&rh=p_72%3A2661619011&rnid=2661617011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "dc" "i" "k" "qid" "ref" "rh" "rnid" ].
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/s?dc&ds=v1%3AzZWXMddzJwQeYrpboa2zgI%2Fs0lCN%2FJgMLPP5%2FdU61m8&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624665011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_500_search
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "k" "qid" "ref" ].
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "high-price" "k" "low-price" "qid" "ref" "rnid" ].
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s?k=ZAP&page=2&qid=1701867726&ref=sr_pg_1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=ZAP&page=2&qid=1701867726&ref=sr_pg_2
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=ZAP&page=3&qid=1701867726&ref=sr_pg_3
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+animal+collar&ref=sr_nr_p_cosmo_multi_pt_8
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+battery&ref=sr_nr_p_cosmo_multi_pt_11
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+bonding+adhesive&ref=sr_nr_p_cosmo_multi_pt_2
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "k" "qid" "ref" ].
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence <form method="get" action="/s">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "high-price" "k" "low-price" "qid" "ref" "rnid" ].
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ue_back" ].
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "k" "qid" "ref" ].
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/s?k=zap+charging+adapter&ref=sr_nr_p_cosmo_multi_pt_15
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+cleaning+agent&ref=sr_nr_p_cosmo_multi_pt_3
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+digital+movie&ref=sr_nr_p_cosmo_multi_pt_1
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+drain+opener+substance&ref=sr_nr_p_cosmo_multi_pt_14
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+electromechanical+switch&ref=sr_nr_p_cosmo_multi_pt_13
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+flashlight&ref=sr_nr_p_cosmo_multi_pt_10
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+medication&ref=sr_nr_p_cosmo_multi_pt_16
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+pest+control+device&ref=sr_nr_p_cosmo_multi_pt_0
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+remote+control&ref=sr_nr_p_cosmo_multi_pt_7
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+skin+moisturizer&ref=sr_nr_p_cosmo_multi_pt_12
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+sport+board+%26+ski&ref=sr_nr_p_cosmo_multi_pt_5
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+towel&ref=sr_nr_p_cosmo_multi_pt_9
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+toy+gun&ref=sr_nr_p_cosmo_multi_pt_4
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence <form method="get" action="/s" class="aok-inline-block a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "k" "qid" "ref" ].
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/s?k=zap+watch&ref=sr_nr_p_cosmo_multi_pt_18
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/sitemap.xml
Method GET
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ss/twister/ajax
Method GET
Parameter
Attack
Evidence <form id="b" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "f" "g" ].
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form id="gr-tag-modal-create-form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "gr-tag-modal-name-input" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form method="get" action="/gp/cart/view.html/ref=1_cart" class="a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=pd_bxgy_crt?_encoding=UTF8&amp;pd_rd_w=HS8xW&amp;content-id=amzn1.sym.839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_p=839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_r=P3DR0G98WX3Y8XEF2WGQ&amp;pd_rd_wg=vkWiJ&amp;pd_rd_r=124c8189-cc25-460b-a52c-46bf175255fc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "ue_back" ].
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence <form action="/wedding/search" class="wedding-find-stripe__form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" "ref_" ].
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence <form action="/wedding/search" class="wedding-find-stripe__form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" "ref_" ].
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence <form action="/wedding/search" class="wedding-find-stripe__form">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" "ref_" ].
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "ue_back" ].
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence <form id="wr-search-search-form" method="get" action="/wedding/search?ref_=hit_wr_cr_search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" ].
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form id="wr-search-search-form" method="get" action="/wedding/search?ref_=hit_wr_cr_search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "nameOrEmail" ].
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form id="twister" method="get" action="/gp/product" class="a-spacing-small">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "ASIN" "dummySubmitButton" "twisterDimKeys" "twisterNonJs" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form method="get" action="" autocomplete="off" class="aok-hidden all-offers-display-params">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "all-offers-display-params" "all-offers-display-reload-param" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=pd_bxgy_crt?_encoding=UTF8&amp;pd_rd_w=FNKd0&amp;content-id=amzn1.sym.839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_p=839d7715-b862-4989-8f65-c6f9502d15f9&amp;pf_rd_r=73FRJ0K9NJEWYP2DSF6V&amp;pd_rd_wg=zVAK0&amp;pd_rd_r=8ef76853-3618-4ca7-a634-7ed1488d1f45" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "ue_back" ].
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter
Attack
Evidence <form method="get" action="/errors/validateCaptcha" name="">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "amzn" "amzn-r" "captchacharacters" ].
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence <form action="/search" autocomplete="off" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "btnI" "btnK" "ei" "iflsig" "sca_esv" "source" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B09FP6WDSK&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B09FP6WDSK" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_0?_encoding=UTF8&amp;pd_rd_i=B0BN5XVFXG&amp;pd_rd_w=VpWv4&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_1?_encoding=UTF8&amp;pd_rd_i=B09ZNTCKC7&amp;pd_rd_w=VpWv4&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_0?_encoding=UTF8&amp;pd_rd_i=B07DP8TSFT&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_1?_encoding=UTF8&amp;pd_rd_i=B0747WDVCL&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_2?_encoding=UTF8&amp;pd_rd_i=B0164L0Z9O&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_3?_encoding=UTF8&amp;pd_rd_i=B00OCGUG02&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_4?_encoding=UTF8&amp;pd_rd_i=B07JPYYMLK&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_5?_encoding=UTF8&amp;pd_rd_i=B07YCDV31V&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_6?_encoding=UTF8&amp;pd_rd_i=B07XQM9ZT6&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_7?_encoding=UTF8&amp;pd_rd_i=B0C7TQF43J&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_8?_encoding=UTF8&amp;pd_rd_i=B07S3XQFBS&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_9?_encoding=UTF8&amp;pd_rd_i=B07W9765QW&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_10?_encoding=UTF8&amp;pd_rd_i=B08B4KYKJZ&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_11?_encoding=UTF8&amp;pd_rd_i=B094YMHBVW&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_12?_encoding=UTF8&amp;pd_rd_i=B0BKFHD3VY&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 25: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_13?_encoding=UTF8&amp;pd_rd_i=B07RG7DDW6&amp;pd_rd_w=oGmUZ&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 26: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 27: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B07Y8FLNHZ&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B07Y8FLNHZ" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B0BDYYR7GV&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B0BDYYR7GV" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_3?_encoding=UTF8&amp;pd_rd_i=B07FX31L5K&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[3.base][asin]" "items[3.base][offerListingId]" "items[3.base][quantity]" "quantity.B07FX31L5K" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B07G44K67L&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B07G44K67L" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_5?_encoding=UTF8&amp;pd_rd_i=B07JHM5P8Q&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[5.base][asin]" "items[5.base][offerListingId]" "items[5.base][quantity]" "quantity.B07JHM5P8Q" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B0CJR3VFFH&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B0CJR3VFFH" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B07Z4G36M2&amp;pd_rd_w=rbz6v&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=R8CFMWQEREGTDVATVKA8&amp;pd_rd_wg=n56oK&amp;pd_rd_r=18d0b52e-a612-43cc-8763-ccc0fd4fd2a5" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B07Z4G36M2" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B01HS3JOFS&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B01HS3JOFS" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_0?_encoding=UTF8&amp;pd_rd_i=B00489KLB2&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_1?_encoding=UTF8&amp;pd_rd_i=B08X1JKSQ8&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_2?_encoding=UTF8&amp;pd_rd_i=B005DS4WCG&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_3?_encoding=UTF8&amp;pd_rd_i=B00LNG91UU&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_4?_encoding=UTF8&amp;pd_rd_i=B0BHZRKBLN&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_5?_encoding=UTF8&amp;pd_rd_i=B002M0H7XO&amp;pd_rd_w=pvB0p&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_0?_encoding=UTF8&amp;pd_rd_i=B07MHJFRBJ&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_1?_encoding=UTF8&amp;pd_rd_i=B079VP6DH5&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_2?_encoding=UTF8&amp;pd_rd_i=B074CR89QG&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_3?_encoding=UTF8&amp;pd_rd_i=B00S93EQUK&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_4?_encoding=UTF8&amp;pd_rd_i=B0932M1666&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_5?_encoding=UTF8&amp;pd_rd_i=B0016HF5GK&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_8?_encoding=UTF8&amp;pd_rd_i=B0748J34WZ&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_9?_encoding=UTF8&amp;pd_rd_i=B09BWFX1L6&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_10?_encoding=UTF8&amp;pd_rd_i=B01LYNW421&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 25: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_11?_encoding=UTF8&amp;pd_rd_i=B079VP6DH6&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 26: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_12?_encoding=UTF8&amp;pd_rd_i=B00WSWGVZQ&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 27: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_13?_encoding=UTF8&amp;pd_rd_i=B00FQT4LX2&amp;pd_rd_w=0tRm5&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 28: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_0?_encoding=UTF8&amp;pd_rd_i=B0894GLLR8&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 29: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_1?_encoding=UTF8&amp;pd_rd_i=B00AY1LSHY&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 30: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_2?_encoding=UTF8&amp;pd_rd_i=B0B2KPH2JJ&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 31: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_3?_encoding=UTF8&amp;pd_rd_i=B07JQCLHV2&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 32: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_4?_encoding=UTF8&amp;pd_rd_i=B0BZTRG1K7&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 33: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_6?_encoding=UTF8&amp;pd_rd_i=B09QY855R3&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 34: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_7?_encoding=UTF8&amp;pd_rd_i=B08SBNKXWX&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 35: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_8?_encoding=UTF8&amp;pd_rd_i=B01MZ2WUCA&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 36: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_9?_encoding=UTF8&amp;pd_rd_i=B06Y5XD1NP&amp;pd_rd_w=mP02C&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 37: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 38: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B07KFZFKLT&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B07KFZFKLT" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B07QML4C7B&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B07QML4C7B" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_3?_encoding=UTF8&amp;pd_rd_i=B09SP5X1Q8&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[3.base][asin]" "items[3.base][offerListingId]" "items[3.base][quantity]" "quantity.B09SP5X1Q8" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B01DQET5VG&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B01DQET5VG" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_5?_encoding=UTF8&amp;pd_rd_i=B0C3HJ37MT&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[5.base][asin]" "items[5.base][offerListingId]" "items[5.base][quantity]" "quantity.B0C3HJ37MT" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B07WSBPCTF&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B07WSBPCTF" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B083LQMD65&amp;pd_rd_w=iK7oT&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=MCBS0QKV451BS2QZZ931&amp;pd_rd_wg=kGlWR&amp;pd_rd_r=80dd94be-7c69-4d10-bf44-753429558aed" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B083LQMD65" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_4?_encoding=UTF8&amp;pd_rd_i=B000HX0K64&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_5?_encoding=UTF8&amp;pd_rd_i=B07K82GRDV&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_6?_encoding=UTF8&amp;pd_rd_i=B0009V1WP2&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_7?_encoding=UTF8&amp;pd_rd_i=B000ONVJ2G&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_8?_encoding=UTF8&amp;pd_rd_i=B000FKEZ3S&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_0?_encoding=UTF8&amp;pd_rd_i=B07T3F6JST&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_1?_encoding=UTF8&amp;pd_rd_i=B087S9KSY9&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_2?_encoding=UTF8&amp;pd_rd_i=B08TJTB8XS&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_3?_encoding=UTF8&amp;pd_rd_i=B0BVGPHJQ6&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_5?_encoding=UTF8&amp;pd_rd_i=B0B6WSWZPW&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_6?_encoding=UTF8&amp;pd_rd_i=B08TJTBSGP&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_7?_encoding=UTF8&amp;pd_rd_i=B09CMNV65T&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_8?_encoding=UTF8&amp;pd_rd_i=B01CTBI5CC&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_9?_encoding=UTF8&amp;pd_rd_i=B0BPTNX2Z1&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "items[9.base][asin]" "items[9.base][offerListingId]" "items[9.base][quantity]" "quantity.B0BPTNX2Z1" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_10?_encoding=UTF8&amp;pd_rd_i=B08ZGX6L8M&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_11?_encoding=UTF8&amp;pd_rd_i=B00AU6D24U&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 25: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_12?_encoding=UTF8&amp;pd_rd_i=B098KP41P7&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 26: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_13?_encoding=UTF8&amp;pd_rd_i=B08Z263BK4&amp;pd_rd_w=6z3r7&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 27: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_0?_encoding=UTF8&amp;pd_rd_i=B07S57PQSM&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 28: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_2?_encoding=UTF8&amp;pd_rd_i=B00004Y8CQ&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 29: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_3?_encoding=UTF8&amp;pd_rd_i=B07FL6J8LV&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 30: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_5?_encoding=UTF8&amp;pd_rd_i=B00NTCH52W&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 31: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_6?_encoding=UTF8&amp;pd_rd_i=B00480BUZW&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 32: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_7?_encoding=UTF8&amp;pd_rd_i=B07CM7PJQB&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 33: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_8?_encoding=UTF8&amp;pd_rd_i=B08RJ72Z1S&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 34: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_9?_encoding=UTF8&amp;pd_rd_i=B07Y9FR3R1&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 35: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_11?_encoding=UTF8&amp;pd_rd_i=B08GQDYT3W&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 36: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_13?_encoding=UTF8&amp;pd_rd_i=B077N9PXV3&amp;pd_rd_w=2PxPH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 37: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 38: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B071FRZRY4&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B071FRZRY4" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B0CDGT2BSL&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B0CDGT2BSL" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B07Z8RYFS3&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B07Z8RYFS3" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B07TKMYP5C&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B07TKMYP5C" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B0C2D6WQ57&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B0C2D6WQ57" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B0B2X2ZR3N&amp;pd_rd_w=9CPQq&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B0B2X2ZR3N" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_attach_percolate_post_atc_3?_encoding=UTF8&amp;pd_rd_i=B009JTW84Y&amp;pd_rd_w=UUsqp&amp;content-id=amzn1.sym.f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_p=f2b77444-53bc-4782-bbab-9153f9d5fe67&amp;pf_rd_r=TD43EFS0K5KJD2Q1Y5A1&amp;pd_rd_wg=ekgqQ&amp;pd_rd_r=3c772d4e-07bc-484b-9416-5204f192dc93" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_0?_encoding=UTF8&amp;pd_rd_i=B07DP8TSFT&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_1?_encoding=UTF8&amp;pd_rd_i=B0747WDVCL&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_2?_encoding=UTF8&amp;pd_rd_i=B0164L0Z9O&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_3?_encoding=UTF8&amp;pd_rd_i=B00OCGUG02&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_4?_encoding=UTF8&amp;pd_rd_i=B07JPYYMLK&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_5?_encoding=UTF8&amp;pd_rd_i=B07YCDV31V&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_6?_encoding=UTF8&amp;pd_rd_i=B07XQM9ZT6&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_7?_encoding=UTF8&amp;pd_rd_i=B0C7TQF43J&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_8?_encoding=UTF8&amp;pd_rd_i=B07S3XQFBS&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_9?_encoding=UTF8&amp;pd_rd_i=B07W9765QW&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_10?_encoding=UTF8&amp;pd_rd_i=B08B4KYKJZ&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_11?_encoding=UTF8&amp;pd_rd_i=B094YMHBVW&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_12?_encoding=UTF8&amp;pd_rd_i=B0BKFHD3VY&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_ts_crc_13?_encoding=UTF8&amp;pd_rd_i=B07RG7DDW6&amp;pd_rd_w=S6x83&amp;content-id=amzn1.sym.741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_p=741b49a5-61ad-4bfc-a7d5-0d8dd5d6f665&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B07FX31L5K&amp;pd_rd_w=aU1qf&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B07FX31L5K" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B07G44K67L&amp;pd_rd_w=aU1qf&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B07G44K67L" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B07VQG1G1K&amp;pd_rd_w=aU1qf&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B07VQG1G1K" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B07X8M4B43&amp;pd_rd_w=aU1qf&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B07X8M4B43" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B07XFRDN98&amp;pd_rd_w=aU1qf&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B07XFRDN98" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_0?_encoding=UTF8&amp;pd_rd_i=B0BJCVXMB6&amp;pd_rd_w=XngyO&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_1?_encoding=UTF8&amp;pd_rd_i=B07H3ZVMNP&amp;pd_rd_w=XngyO&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=F9CZ0PH4S2GENS3B4EX3&amp;pd_rd_wg=vOwTT&amp;pd_rd_r=f2da3fd0-2a6d-4c54-9fae-819e13b40f66" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_5_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" "ref" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B0CC62ZG1M&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B0CC62ZG1M" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_0?_encoding=UTF8&amp;pd_rd_i=B0BLD393H7&amp;pd_rd_w=LWwKW&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_huc_vtph_1?_encoding=UTF8&amp;pd_rd_i=B08Q1RN311&amp;pd_rd_w=LWwKW&amp;content-id=amzn1.sym.8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_p=8994214a-098f-45c0-a54e-267bbf2a8b40&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_0?_encoding=UTF8&amp;pd_rd_i=B09YRMQ698&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_1?_encoding=UTF8&amp;pd_rd_i=B0B7NV73PJ&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_3?_encoding=UTF8&amp;pd_rd_i=B0B1PXRM8F&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_4?_encoding=UTF8&amp;pd_rd_i=B0932DNRD5&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_5?_encoding=UTF8&amp;pd_rd_i=B00R25GJJW&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_6?_encoding=UTF8&amp;pd_rd_i=B00V5ZJRNU&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_7?_encoding=UTF8&amp;pd_rd_i=B0989PYV9P&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_8?_encoding=UTF8&amp;pd_rd_i=B09WRFJYLF&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_9?_encoding=UTF8&amp;pd_rd_i=B07PHCVSSS&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_12?_encoding=UTF8&amp;pd_rd_i=B09NBQ4K87&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_13?_encoding=UTF8&amp;pd_rd_i=B09QKF2M2S&amp;pd_rd_w=RDdWM&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_0?_encoding=UTF8&amp;pd_rd_i=B08GYKNCCP&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_3?_encoding=UTF8&amp;pd_rd_i=B09LYLJD2Q&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 25: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_6?_encoding=UTF8&amp;pd_rd_i=B0C9K5VLH7&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 26: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_7?_encoding=UTF8&amp;pd_rd_i=B088R1FDP2&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 27: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_10?_encoding=UTF8&amp;pd_rd_i=B0C9DQCJ54&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 28: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_hashrec_11?_encoding=UTF8&amp;pd_rd_i=B079DY1H33&amp;pd_rd_w=QHnTd&amp;content-id=amzn1.sym.e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_p=e7263ff0-e765-43b7-bfc1-357aef0e8fbb&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 29: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 30: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B0C7W3KTJ3&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B0C7W3KTJ3" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B0CH7Q92J8&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B0CH7Q92J8" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_3?_encoding=UTF8&amp;pd_rd_i=B0CHDSGLCF&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[3.base][asin]" "items[3.base][offerListingId]" "items[3.base][quantity]" "quantity.B0CHDSGLCF" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B09WC99KRR&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B09WC99KRR" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_5?_encoding=UTF8&amp;pd_rd_i=B0BN8PZP3B&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[5.base][asin]" "items[5.base][offerListingId]" "items[5.base][quantity]" "quantity.B0BN8PZP3B" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B0CN3R4ZW7&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B0CN3R4ZW7" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B0CN52W9PV&amp;pd_rd_w=da75G&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=A53X08YWW1N5KP7BJ1TV&amp;pd_rd_wg=TGuq2&amp;pd_rd_r=45b22a2f-250a-4824-8bd6-d461cd6e064e" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B0CN52W9PV" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_2?_encoding=UTF8&amp;pd_rd_i=B0B1PXRM8F&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_3?_encoding=UTF8&amp;pd_rd_i=B07CZNJYC3&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_4?_encoding=UTF8&amp;pd_rd_i=B003JJW5P2&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_5?_encoding=UTF8&amp;pd_rd_i=B08GYKNCCP&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_10?_encoding=UTF8&amp;pd_rd_i=B012WAQVYE&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_rtpb_13?_encoding=UTF8&amp;pd_rd_i=B0989PYV9P&amp;pd_rd_w=kzYqI&amp;content-id=amzn1.sym.3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_p=3340d052-1640-41a0-861c-fef2de394586&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_cps_0?_encoding=UTF8&amp;pd_rd_i=B01EU9TK3O&amp;pd_rd_w=3htzN&amp;content-id=amzn1.sym.f17ff023-7920-4da7-a998-f259b01180bc&amp;pf_rd_p=f17ff023-7920-4da7-a998-f259b01180bc&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_cps_1?_encoding=UTF8&amp;pd_rd_i=B00CIQTZXC&amp;pd_rd_w=3htzN&amp;content-id=amzn1.sym.f17ff023-7920-4da7-a998-f259b01180bc&amp;pf_rd_p=f17ff023-7920-4da7-a998-f259b01180bc&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_ewc_fbt_1?_encoding=UTF8&amp;pd_rd_i=B089BVTB6J&amp;pd_rd_w=MAj7i&amp;content-id=amzn1.sym.38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_p=38487190-8d5e-4a51-a5fb-ff1dd87ce511&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_0?_encoding=UTF8&amp;pd_rd_i=B078XLCMRD&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "quantity.B078XLCMRD" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B07S3RRFF6&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B07S3RRFF6" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B00M9VXF50&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B00M9VXF50" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_5?_encoding=UTF8&amp;pd_rd_i=B07FRBK1YB&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[5.base][asin]" "items[5.base][offerListingId]" "items[5.base][quantity]" "quantity.B07FRBK1YB" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_6?_encoding=UTF8&amp;pd_rd_i=B0BY4F3DQ6&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[6.base][asin]" "items[6.base][offerListingId]" "items[6.base][quantity]" "quantity.B0BY4F3DQ6" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B00OPWAMQ6&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B00OPWAMQ6" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B010L610EC&amp;pd_rd_w=6hbxM&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=0J49MH73DW4E4CWZ9VNQ&amp;pd_rd_wg=wc5f6&amp;pd_rd_r=dc3c0090-b9e6-44f3-beeb-7b011a51b1d7" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B010L610EC" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_0?_encoding=UTF8&amp;pd_rd_i=B0B1PXRM8F&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_1?_encoding=UTF8&amp;pd_rd_i=B08GYKNCCP&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_4?_encoding=UTF8&amp;pd_rd_i=B09WRFJYLF&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_6?_encoding=UTF8&amp;pd_rd_i=B0BFJCMQNV&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_7?_encoding=UTF8&amp;pd_rd_i=B09NBQ4K87&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 14: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_8?_encoding=UTF8&amp;pd_rd_i=B09QKF2M2S&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 15: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_crh_rh_top_sim_12?_encoding=UTF8&amp;pd_rd_i=B0C9K5VLH7&amp;pd_rd_w=KdYND&amp;content-id=amzn1.sym.f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_p=f955a421-f296-47b8-98f4-e33d21582bdb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 16: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_0?_encoding=UTF8&amp;pd_rd_i=B08TJRVWV1&amp;pd_rd_w=1lKFx&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 17: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_1?_encoding=UTF8&amp;pd_rd_i=B09MQC7CHR&amp;pd_rd_w=1lKFx&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 18: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_6?_encoding=UTF8&amp;pd_rd_i=B088R1FDP2&amp;pd_rd_w=1lKFx&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 19: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_12?_encoding=UTF8&amp;pd_rd_i=B07Q7PKW5Z&amp;pd_rd_w=1lKFx&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 20: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pb-allspark-smartwagon_13?_encoding=UTF8&amp;pd_rd_i=B07W6PXRR8&amp;pd_rd_w=1lKFx&amp;content-id=amzn1.sym.6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_p=6a5abd06-a743-4100-a5fa-1d8dd34227fb&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 21: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_1?_encoding=UTF8&amp;pd_rd_i=B07TYBS47Z&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 22: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_2?_encoding=UTF8&amp;pd_rd_i=B073JYC4XM&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 23: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_3?_encoding=UTF8&amp;pd_rd_i=B082KHKG89&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 24: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_4?_encoding=UTF8&amp;pd_rd_i=B08V142ZWB&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 25: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_6?_encoding=UTF8&amp;pd_rd_i=B095WCW3YK&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 26: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_7?_encoding=UTF8&amp;pd_rd_i=B07K82GRDV&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 27: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_8?_encoding=UTF8&amp;pd_rd_i=B095KK4L57&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 28: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_pd_psc_sw_d_0_9?_encoding=UTF8&amp;pd_rd_i=B08XBH3Q3F&amp;pd_rd_w=C5aSH&amp;content-id=amzn1.sym.1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_p=1d28ac7f-44c0-42b9-97d8-bbded1b7098c&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 29: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form id="sw-ptc-form" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sw_proceed?proceedToCheckout=1&amp;oldCustomerId=0&amp;sessionID=147-4280155-9611859&amp;useDefaultCart=1" class="a-spacing-none a-spacing-top-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 30: "ue_back" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_0?_encoding=UTF8&amp;pd_rd_i=B0741FC1L4&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "anti-csrftoken-a2z" "clientName" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "quantity.B0741FC1L4" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_1?_encoding=UTF8&amp;pd_rd_i=B0BZSXSZ6K&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "clientName" "items[1.base][asin]" "items[1.base][offerListingId]" "items[1.base][quantity]" "quantity.B0BZSXSZ6K" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_2?_encoding=UTF8&amp;pd_rd_i=B0776RRR9Y&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "items[2.base][asin]" "items[2.base][offerListingId]" "items[2.base][quantity]" "quantity.B0776RRR9Y" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_3?_encoding=UTF8&amp;pd_rd_i=B015TNSTUU&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "items[3.base][asin]" "items[3.base][offerListingId]" "items[3.base][quantity]" "quantity.B015TNSTUU" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_4?_encoding=UTF8&amp;pd_rd_i=B0CHMYVYC1&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "items[4.base][asin]" "items[4.base][offerListingId]" "items[4.base][quantity]" "quantity.B0CHMYVYC1" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_7?_encoding=UTF8&amp;pd_rd_i=B09LYLJD2Q&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "items[7.base][asin]" "items[7.base][offerListingId]" "items[7.base][quantity]" "quantity.B09LYLJD2Q" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=sw_atc_a_d_sspa_dk_huc_pt_expsub_8?_encoding=UTF8&amp;pd_rd_i=B0CG1775PK&amp;pd_rd_w=XLD8L&amp;content-id=amzn1.sym.421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_p=421156cc-ae17-4608-955b-a8d126cb098e&amp;pf_rd_r=9C75EE09XNWCSZFWEHCA&amp;pd_rd_wg=tC4Ng&amp;pd_rd_r=141eb8ab-662f-48ad-8d81-7eb50a30a0dc" class="a-spacing-base">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "items[8.base][asin]" "items[8.base][offerListingId]" "items[8.base][quantity]" "quantity.B0CG1775PK" "spClickUrlATC" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&amp;pd_rd_i=B08SV2Y7J6&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 10: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&amp;pd_rd_i=B017VPIY4U&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 11: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&amp;pd_rd_i=B096X8471C&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 12: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 13: "ue_back" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form id="gutterCartViewForm" method="get" action="/gp/cart/desktop/go-to-checkout.html/ref=ox_sc_proceed">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "isToBeGiftWrappedBefore" "oldCustomerId" "proceedToCheckout" "proceedToRetailCheckout" "sc-buy-box-gift-checkbox" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form id="activeCartViewForm" method="post" action="/cart/ref=ord_cart_shr?app-nav-type=none&amp;dc=df">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "" "activePage" "anti-csrftoken-a2z" "quantity.Cd75356dd-2830-4681-9924-faa6607aea1b" "quantityBox" "requestID" "submit.compare.Cd75356dd-2830-4681-9924-faa6607aea1b" "submit.delete.Cd75356dd-2830-4681-9924-faa6607aea1b" "submit.move-to-cart.Cd75356dd-2830-4681-9924-faa6607aea1b" "submit.save-for-later.Cd75356dd-2830-4681-9924-faa6607aea1b" "submit.update-quantity.Cd75356dd-2830-4681-9924-faa6607aea1b" "timeStamp" "token" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form id="savedCartViewForm" method="post" action="/cart/ref=ord_cart_shr?app-nav-type=none&amp;dc=df">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 4: "anti-csrftoken-a2z" "requestID" "timeStamp" "token" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BBPJ1PW6&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 5: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BX2MXBH1&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 6: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&amp;pd_rd_i=B000XTPNZK&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 7: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&amp;pd_rd_i=B0BB9BMD7F&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 8: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <form method="post" action="/cart/add-to-cart/ref=nta-top-sellers_d_sccl_5_atc_a?_encoding=UTF8&amp;pd_rd_i=1649374178&amp;pd_rd_w=hVo97&amp;content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&amp;pf_rd_r=RM4WZ5FCT04YW1Y0B9VQ&amp;pd_rd_wg=jMjnC&amp;pd_rd_r=3c4d331b-ede9-47d9-b8e0-3541a5cf36c7" class="add-to-cart-data a-spacing-none">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 9: "anti-csrftoken-a2z" "clientName" "customizers" "isNeoAddToCart" "items[0.base][asin]" "items[0.base][offerListingId]" "items[0.base][quantity]" "submit.addToCart" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence <form id="nav-search-bar-form" accept-charset="utf-8" action="/s/ref=nb_sb_noss" class="nav-searchbar nav-progressive-attribute" method="GET" name="site-search" role="search" >
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "nav-search-submit-button" "twotabsearchtextbox" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence <form method="post">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: "anti-csrftoken-a2z" "cross-context-behavioral-ads-opt-in" "cross-context-behavioral-ads-opt-out" "privacy-pref-save" ].
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence <form name='ue_backdetect' action="get">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 3: "ue_back" ].
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter
Attack
Evidence <form id="a" accept-charset="utf-8" action="/s" method="GET" role="search">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "e" "f" ].
Instances 1535
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Implementation

Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.

Phase: Architecture and Design

Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).

Note that this can be bypassed using XSS.

Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Do not use the GET method for any request that triggers a state change.

Phase: Implementation

Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference http://projects.webappsec.org/Cross-Site-Request-Forgery
https://cwe.mitre.org/data/definitions/352.html
CWE Id 352
WASC Id 9
Plugin Id 10202
Medium
CSP: Wildcard Directive
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/amazonprime
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/events/deals
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/order-history?ref_=footer_yo
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_AccountFlyout_orders
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_orders_first
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Martha-Freeman/e/B004MPJKKK?qid=1701867726&ref=sr_ntt_srch_lnk_49&sr=8-49
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/prime
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Paul-Fleischman/e/B000AQ8WWW?qid=1701867726&ref=sr_ntt_srch_lnk_21&sr=8-21
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Rebecca-Yarros/e/B00HYKBU1W/ref=nta-top-sellers_d_sccl_1_5_bl/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/sp
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/sp?*seller=ABVFEJU8LS620
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/home
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=9nNwZbv_G7KGxc8PguiX8Aw&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-5_Zu6xOdjUUTwRtuELe9Og' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=enNwZb-BAf6Hxc8Puve3uAM&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ZWWU_aWiiQ7IbCFu3Ah9mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=IHNwZfq3KfaSxc8P3rOK6A8&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lPfzxFMvg5CpQaCleT4sQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=OXRwZaGRF5mTxc8P9LOdoAQ&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-mE98iAX4C-ndNt79lN5FpA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-QgMv-ecd93aHQ9GEdPx28w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SnYqbuzu7xtmJP6Ol89kjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-iXUtPqcEvllEg6VgFzl4Hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nLnRMHYpyhympjrYIMOF7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868533756&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-RYWwcYRn-HvhvEumJTA69w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868409068&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nfnFM3uwoYzI_L2fdUGz0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868319603&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-th-cxHithqnpKwTkPwDqmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868600339&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vaxvHsWjBRDGP4bZ9qS7Uw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-PQFUcQF6R9BPajqilW8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868535272&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ltR8pwsh3v-JcXI12iGpCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868411083&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-kLKWHdsOAfIq13yFMFzyTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868322593&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SZoJH3W1y0bEZWgclu3djA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868602516&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-GobDZNRHMD1Qw9rr-sfmjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /_/ConsentHttp/cspreport
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-hCnY-0mTvc6w5bcLYoVy1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentHttp/cspreport;worker-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentHttp/cspreport/allowlist
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Q878jjf0NyrGJ-BOvm7oHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Sl1GXDuLT8nslzfHsLXbKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-WeGQKYizaHlrl9JEUfOuOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-yaoP-O6SYhHCsOU-i7xaVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: script-src, style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, object-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=-HNwZfb8Kcrg7_UP7PqVwAE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&hp=&rt=ttfb.233,st.235,bs.27,aaft.238,acrt.238,art.238&zx=1701868535350&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-P2c-vYo00PP3pJpTQlDw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448&zx=1701868535110&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-us6xjCBu2RE6YclWpxx5aQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448,hpbarr.241&zx=1701868535351&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Thr-pMxBIX_0WVVFIKNjdg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.40,aft.824,prt.175,xjses.474,xjsee.596,xjs.597,dcl.600,afti.824,aftqf.825,lcp.447,fcp.447,wsrt.971,cst.321,dnst.0,rqst.650,rspt.4,sslt.16,rqstt.325,unt.2,cstt.3,dit.1152&zx=1701868534492&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-O_oMlCs4gLdhx6gq8KnLxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560&zx=1701868410521&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-AMnEbXx-5m1nShAo2UtyVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560,hpbarr.279&zx=1701868410800&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lq8ecAO0mUA37uus1vyg7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.635,prt.174,afti.635,aftqf.636,xjses.663,xjsee.746,xjs.746,lcp.457,fcp.457,wsrt.706,cst.314,dnst.0,rqst.389,rspt.2,sslt.12,rqstt.319,unt.2,cstt.4,dit.886&zx=1701868409716&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-K2c8zQ0UA1FPzrlZmvC-XQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=fHNwZfSWBdKyi-gPj4-7-AE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&hp=&rt=ttfb.271,st.272,bs.27,aaft.276,acrt.276,art.276&zx=1701868410799&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-97mMpYPvmcnRjTYoNmQpYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555&zx=1701868321064&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-pMqTdzP5DI315R169D7ugQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555,hpbarr.209&zx=1701868321274&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UFpQWLTvLtLXp3DvFpJ4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=all&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=6&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.1183,prt.163,afti.1183,cbs.38,cbt.668,xjses.704,xjsee.779,xjs.780,dcl.784,aftqf.1184,lcp.447,fcp.447,wsrt.1333,cst.695,dnst.0,rqst.390,rspt.2,sslt.376,rqstt.945,unt.1,cstt.249,dit.1502&zx=1701868320699&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-aAQGrW2Q7OYgFHGpyerjiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Ff1VDZXh4bQnyZvQRAtAxg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=InNwZaiSJZHzsAeliYXgDg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&hp=&rt=ttfb.202,st.204,bs.27,aaft.206,acrt.206,art.207&zx=1701868321272&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-UrSgYpU3zPd9RCKcUmW2TQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=O3RwZdnnFPuA9u8Pt4-OsAY&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&hp=&rt=ttfb.289,st.291,bs.27,aaft.293,acrt.293,art.294&zx=1701868601996&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-6g48LGx5f9MA5WUX_JwGFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476&zx=1701868601701&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-MMguFbOa8bWJUoJwtTLzaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476,hpbarr.297&zx=1701868601997&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-15sQgU2Nygoi3eCkw1QG9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.56,aft.711,prt.202,afti.711,aftqf.712,xjses.899,xjsee.996,xjs.996,lcp.603,fcp.603,wsrt.605,cst.312,dnst.0,rqst.295,rspt.5,sslt.17,rqstt.315,unt.1,cstt.2,dit.817&zx=1701868601231&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-G7eLPRS0swu6wj2hgPcaAg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&ct=slh&v=t1&m=HV&pv=0.012108404164933084&me=1:1701868533836,V,0,0,826,757:0,B,757:0,N,1,9nNwZbv_G7KGxc8PguiX8Aw:0,R,1,1,0,0,826,757:1281,x:3548,e,B&zx=1701868538667&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fd6SQ-O0GKpMPEczoxsouw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&dt19=3&zx=1701868535104&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-_UYVdIADZ1ob7jqmhhN01w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=enNwZb-BAf6Hxc8Puve3uAM&dt19=3&zx=1701868410516&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce--vEjV1VqMpO3mHRX4Kzp4Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vbyh1FnNAizUyxsIxQeXgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fWzmbbRwgUMunk7Djaxm_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-qFnt5QH7afPPMHFwNK0FHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&dt19=3&zx=1701868321061&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-wEMqjtW-nS5nBmd4JE4xjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&ct=slh&v=t1&m=HV&pv=0.8756538942773218&me=1:1701868600425,V,0,0,826,757:0,B,757:0,N,1,OXRwZaGRF5mTxc8P9LOdoAQ:0,R,1,1,0,0,826,757:1282,x:3081,e,B&zx=1701868604790&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Q-jLaJwaTEGpBvq2wS0Nnw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&dt19=3&zx=1701868601697&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hArn8l2ALnfOcVMCjJxcig' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=9nNwZbv_G7KGxc8PguiX8Aw&vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UjiKrS_MKIt8Yqw6oUwJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=enNwZb-BAf6Hxc8Puve3uAM&vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hdLi45fr7TJZyhiFijFvFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&ved=0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QiZAHCHk&uact=3&bl=btNu&s=webhp
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-8HdP6a37nm0gNl_4Q_Pm8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0YAqaBqPTYeT-quFG4N2Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Cnx-59jLB1Zyr4r33ErvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?ei=OXRwZaGRF5mTxc8P9LOdoAQ&vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Y_HuFfqBL2n4HA1JV4QW7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&rt=wsrt.971,aft.824,afti.824,hst.40,prt.175&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Mqx4sdNKLYlOlg8_buBDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&rt=wsrt.706,aft.635,afti.635,hst.38,prt.174&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-FUNFyk7I45T6QfW56tiDrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.1183,afti.1183,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-1MTVsXVJCiOuG3G2Wheh4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&rt=wsrt.605,aft.711,afti.711,hst.56,prt.202&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-zSvrrTGMaPcDSthSQ2GaJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.176,afti.176,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-9-MXAJC_yKCMbg9UHqnoXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: style-src, img-src, connect-src, frame-src, frame-ancestors, font-src, media-src, manifest-src, worker-src, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
Instances 324
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Medium
CSP: script-src unsafe-eval
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=9nNwZbv_G7KGxc8PguiX8Aw&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-5_Zu6xOdjUUTwRtuELe9Og' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=enNwZb-BAf6Hxc8Puve3uAM&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ZWWU_aWiiQ7IbCFu3Ah9mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=IHNwZfq3KfaSxc8P3rOK6A8&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lPfzxFMvg5CpQaCleT4sQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=OXRwZaGRF5mTxc8P9LOdoAQ&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-mE98iAX4C-ndNt79lN5FpA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-QgMv-ecd93aHQ9GEdPx28w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SnYqbuzu7xtmJP6Ol89kjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-iXUtPqcEvllEg6VgFzl4Hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nLnRMHYpyhympjrYIMOF7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868533756&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-RYWwcYRn-HvhvEumJTA69w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868409068&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nfnFM3uwoYzI_L2fdUGz0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868319603&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-th-cxHithqnpKwTkPwDqmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868600339&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vaxvHsWjBRDGP4bZ9qS7Uw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-PQFUcQF6R9BPajqilW8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868535272&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ltR8pwsh3v-JcXI12iGpCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868411083&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-kLKWHdsOAfIq13yFMFzyTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868322593&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SZoJH3W1y0bEZWgclu3djA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868602516&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-GobDZNRHMD1Qw9rr-sfmjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=-HNwZfb8Kcrg7_UP7PqVwAE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&hp=&rt=ttfb.233,st.235,bs.27,aaft.238,acrt.238,art.238&zx=1701868535350&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-P2c-vYo00PP3pJpTQlDw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448&zx=1701868535110&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-us6xjCBu2RE6YclWpxx5aQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448,hpbarr.241&zx=1701868535351&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Thr-pMxBIX_0WVVFIKNjdg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.40,aft.824,prt.175,xjses.474,xjsee.596,xjs.597,dcl.600,afti.824,aftqf.825,lcp.447,fcp.447,wsrt.971,cst.321,dnst.0,rqst.650,rspt.4,sslt.16,rqstt.325,unt.2,cstt.3,dit.1152&zx=1701868534492&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-O_oMlCs4gLdhx6gq8KnLxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560&zx=1701868410521&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-AMnEbXx-5m1nShAo2UtyVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560,hpbarr.279&zx=1701868410800&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lq8ecAO0mUA37uus1vyg7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.635,prt.174,afti.635,aftqf.636,xjses.663,xjsee.746,xjs.746,lcp.457,fcp.457,wsrt.706,cst.314,dnst.0,rqst.389,rspt.2,sslt.12,rqstt.319,unt.2,cstt.4,dit.886&zx=1701868409716&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-K2c8zQ0UA1FPzrlZmvC-XQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=fHNwZfSWBdKyi-gPj4-7-AE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&hp=&rt=ttfb.271,st.272,bs.27,aaft.276,acrt.276,art.276&zx=1701868410799&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-97mMpYPvmcnRjTYoNmQpYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555&zx=1701868321064&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-pMqTdzP5DI315R169D7ugQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555,hpbarr.209&zx=1701868321274&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UFpQWLTvLtLXp3DvFpJ4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=all&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=6&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.1183,prt.163,afti.1183,cbs.38,cbt.668,xjses.704,xjsee.779,xjs.780,dcl.784,aftqf.1184,lcp.447,fcp.447,wsrt.1333,cst.695,dnst.0,rqst.390,rspt.2,sslt.376,rqstt.945,unt.1,cstt.249,dit.1502&zx=1701868320699&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-aAQGrW2Q7OYgFHGpyerjiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Ff1VDZXh4bQnyZvQRAtAxg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=InNwZaiSJZHzsAeliYXgDg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&hp=&rt=ttfb.202,st.204,bs.27,aaft.206,acrt.206,art.207&zx=1701868321272&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-UrSgYpU3zPd9RCKcUmW2TQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=O3RwZdnnFPuA9u8Pt4-OsAY&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&hp=&rt=ttfb.289,st.291,bs.27,aaft.293,acrt.293,art.294&zx=1701868601996&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-6g48LGx5f9MA5WUX_JwGFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476&zx=1701868601701&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-MMguFbOa8bWJUoJwtTLzaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476,hpbarr.297&zx=1701868601997&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-15sQgU2Nygoi3eCkw1QG9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.56,aft.711,prt.202,afti.711,aftqf.712,xjses.899,xjsee.996,xjs.996,lcp.603,fcp.603,wsrt.605,cst.312,dnst.0,rqst.295,rspt.5,sslt.17,rqstt.315,unt.1,cstt.2,dit.817&zx=1701868601231&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-G7eLPRS0swu6wj2hgPcaAg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&ct=slh&v=t1&m=HV&pv=0.012108404164933084&me=1:1701868533836,V,0,0,826,757:0,B,757:0,N,1,9nNwZbv_G7KGxc8PguiX8Aw:0,R,1,1,0,0,826,757:1281,x:3548,e,B&zx=1701868538667&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fd6SQ-O0GKpMPEczoxsouw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&dt19=3&zx=1701868535104&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-_UYVdIADZ1ob7jqmhhN01w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=enNwZb-BAf6Hxc8Puve3uAM&dt19=3&zx=1701868410516&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce--vEjV1VqMpO3mHRX4Kzp4Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vbyh1FnNAizUyxsIxQeXgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fWzmbbRwgUMunk7Djaxm_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-qFnt5QH7afPPMHFwNK0FHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&dt19=3&zx=1701868321061&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-wEMqjtW-nS5nBmd4JE4xjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&ct=slh&v=t1&m=HV&pv=0.8756538942773218&me=1:1701868600425,V,0,0,826,757:0,B,757:0,N,1,OXRwZaGRF5mTxc8P9LOdoAQ:0,R,1,1,0,0,826,757:1282,x:3081,e,B&zx=1701868604790&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Q-jLaJwaTEGpBvq2wS0Nnw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&dt19=3&zx=1701868601697&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hArn8l2ALnfOcVMCjJxcig' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=9nNwZbv_G7KGxc8PguiX8Aw&vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UjiKrS_MKIt8Yqw6oUwJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=enNwZb-BAf6Hxc8Puve3uAM&vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hdLi45fr7TJZyhiFijFvFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&ved=0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QiZAHCHk&uact=3&bl=btNu&s=webhp
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-8HdP6a37nm0gNl_4Q_Pm8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0YAqaBqPTYeT-quFG4N2Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Cnx-59jLB1Zyr4r33ErvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?ei=OXRwZaGRF5mTxc8P9LOdoAQ&vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Y_HuFfqBL2n4HA1JV4QW7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&rt=wsrt.971,aft.824,afti.824,hst.40,prt.175&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Mqx4sdNKLYlOlg8_buBDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&rt=wsrt.706,aft.635,afti.635,hst.38,prt.174&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-FUNFyk7I45T6QfW56tiDrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.1183,afti.1183,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-1MTVsXVJCiOuG3G2Wheh4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&rt=wsrt.605,aft.711,afti.711,hst.56,prt.202&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-zSvrrTGMaPcDSthSQ2GaJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
URL https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.176,afti.176,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-9-MXAJC_yKCMbg9UHqnoXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info script-src includes unsafe-eval.
Instances 54
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Medium
CSP: script-src unsafe-inline
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/amazonprime
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/events/deals
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=footer_yo
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_AccountFlyout_orders
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_orders_first
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Martha-Freeman/e/B004MPJKKK?qid=1701867726&ref=sr_ntt_srch_lnk_49&sr=8-49
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/prime
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Paul-Fleischman/e/B000AQ8WWW?qid=1701867726&ref=sr_ntt_srch_lnk_21&sr=8-21
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Rebecca-Yarros/e/B00HYKBU1W/ref=nta-top-sellers_d_sccl_1_5_bl/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/sp
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/sp?*seller=ABVFEJU8LS620
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /_/ConsentHttp/cspreport
Other Info script-src includes unsafe-inline.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentHttp/cspreport/allowlist
Other Info script-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport
Other Info script-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info script-src includes unsafe-inline.
Instances 265
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Medium
CSP: style-src unsafe-inline
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/amazonprime
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/events/deals
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=footer_yo
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_AccountFlyout_orders
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/css/order-history?ref_=nav_orders_first
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Martha-Freeman/e/B004MPJKKK?qid=1701867726&ref=sr_ntt_srch_lnk_49&sr=8-49
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/prime
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Paul-Fleischman/e/B000AQ8WWW?qid=1701867726&ref=sr_ntt_srch_lnk_21&sr=8-21
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Rebecca-Yarros/e/B00HYKBU1W/ref=nta-top-sellers_d_sccl_1_5_bl/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/sp
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/sp?*seller=ABVFEJU8LS620
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=9nNwZbv_G7KGxc8PguiX8Aw&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-5_Zu6xOdjUUTwRtuELe9Og' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=enNwZb-BAf6Hxc8Puve3uAM&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ZWWU_aWiiQ7IbCFu3Ah9mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=IHNwZfq3KfaSxc8P3rOK6A8&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lPfzxFMvg5CpQaCleT4sQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=OXRwZaGRF5mTxc8P9LOdoAQ&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-mE98iAX4C-ndNt79lN5FpA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-QgMv-ecd93aHQ9GEdPx28w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SnYqbuzu7xtmJP6Ol89kjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-iXUtPqcEvllEg6VgFzl4Hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nLnRMHYpyhympjrYIMOF7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868533756&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-RYWwcYRn-HvhvEumJTA69w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868409068&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nfnFM3uwoYzI_L2fdUGz0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868319603&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-th-cxHithqnpKwTkPwDqmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868600339&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vaxvHsWjBRDGP4bZ9qS7Uw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-PQFUcQF6R9BPajqilW8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868535272&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ltR8pwsh3v-JcXI12iGpCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868411083&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-kLKWHdsOAfIq13yFMFzyTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868322593&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SZoJH3W1y0bEZWgclu3djA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868602516&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-GobDZNRHMD1Qw9rr-sfmjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /_/ConsentHttp/cspreport
Other Info style-src includes unsafe-inline.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-hCnY-0mTvc6w5bcLYoVy1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentHttp/cspreport;worker-src 'self'
Other Info style-src includes unsafe-inline.
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentHttp/cspreport/allowlist
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Q878jjf0NyrGJ-BOvm7oHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Sl1GXDuLT8nslzfHsLXbKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-WeGQKYizaHlrl9JEUfOuOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-yaoP-O6SYhHCsOU-i7xaVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info style-src includes unsafe-inline.
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=-HNwZfb8Kcrg7_UP7PqVwAE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&hp=&rt=ttfb.233,st.235,bs.27,aaft.238,acrt.238,art.238&zx=1701868535350&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-P2c-vYo00PP3pJpTQlDw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448&zx=1701868535110&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-us6xjCBu2RE6YclWpxx5aQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448,hpbarr.241&zx=1701868535351&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Thr-pMxBIX_0WVVFIKNjdg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.40,aft.824,prt.175,xjses.474,xjsee.596,xjs.597,dcl.600,afti.824,aftqf.825,lcp.447,fcp.447,wsrt.971,cst.321,dnst.0,rqst.650,rspt.4,sslt.16,rqstt.325,unt.2,cstt.3,dit.1152&zx=1701868534492&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-O_oMlCs4gLdhx6gq8KnLxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560&zx=1701868410521&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-AMnEbXx-5m1nShAo2UtyVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560,hpbarr.279&zx=1701868410800&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lq8ecAO0mUA37uus1vyg7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.635,prt.174,afti.635,aftqf.636,xjses.663,xjsee.746,xjs.746,lcp.457,fcp.457,wsrt.706,cst.314,dnst.0,rqst.389,rspt.2,sslt.12,rqstt.319,unt.2,cstt.4,dit.886&zx=1701868409716&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-K2c8zQ0UA1FPzrlZmvC-XQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=fHNwZfSWBdKyi-gPj4-7-AE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&hp=&rt=ttfb.271,st.272,bs.27,aaft.276,acrt.276,art.276&zx=1701868410799&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-97mMpYPvmcnRjTYoNmQpYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555&zx=1701868321064&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-pMqTdzP5DI315R169D7ugQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555,hpbarr.209&zx=1701868321274&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UFpQWLTvLtLXp3DvFpJ4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=all&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=6&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.1183,prt.163,afti.1183,cbs.38,cbt.668,xjses.704,xjsee.779,xjs.780,dcl.784,aftqf.1184,lcp.447,fcp.447,wsrt.1333,cst.695,dnst.0,rqst.390,rspt.2,sslt.376,rqstt.945,unt.1,cstt.249,dit.1502&zx=1701868320699&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-aAQGrW2Q7OYgFHGpyerjiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Ff1VDZXh4bQnyZvQRAtAxg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=InNwZaiSJZHzsAeliYXgDg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&hp=&rt=ttfb.202,st.204,bs.27,aaft.206,acrt.206,art.207&zx=1701868321272&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-UrSgYpU3zPd9RCKcUmW2TQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=O3RwZdnnFPuA9u8Pt4-OsAY&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&hp=&rt=ttfb.289,st.291,bs.27,aaft.293,acrt.293,art.294&zx=1701868601996&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-6g48LGx5f9MA5WUX_JwGFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476&zx=1701868601701&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-MMguFbOa8bWJUoJwtTLzaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476,hpbarr.297&zx=1701868601997&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-15sQgU2Nygoi3eCkw1QG9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.56,aft.711,prt.202,afti.711,aftqf.712,xjses.899,xjsee.996,xjs.996,lcp.603,fcp.603,wsrt.605,cst.312,dnst.0,rqst.295,rspt.5,sslt.17,rqstt.315,unt.1,cstt.2,dit.817&zx=1701868601231&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-G7eLPRS0swu6wj2hgPcaAg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&ct=slh&v=t1&m=HV&pv=0.012108404164933084&me=1:1701868533836,V,0,0,826,757:0,B,757:0,N,1,9nNwZbv_G7KGxc8PguiX8Aw:0,R,1,1,0,0,826,757:1281,x:3548,e,B&zx=1701868538667&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fd6SQ-O0GKpMPEczoxsouw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&dt19=3&zx=1701868535104&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-_UYVdIADZ1ob7jqmhhN01w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=enNwZb-BAf6Hxc8Puve3uAM&dt19=3&zx=1701868410516&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce--vEjV1VqMpO3mHRX4Kzp4Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vbyh1FnNAizUyxsIxQeXgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fWzmbbRwgUMunk7Djaxm_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-qFnt5QH7afPPMHFwNK0FHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&dt19=3&zx=1701868321061&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-wEMqjtW-nS5nBmd4JE4xjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&ct=slh&v=t1&m=HV&pv=0.8756538942773218&me=1:1701868600425,V,0,0,826,757:0,B,757:0,N,1,OXRwZaGRF5mTxc8P9LOdoAQ:0,R,1,1,0,0,826,757:1282,x:3081,e,B&zx=1701868604790&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Q-jLaJwaTEGpBvq2wS0Nnw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&dt19=3&zx=1701868601697&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hArn8l2ALnfOcVMCjJxcig' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=9nNwZbv_G7KGxc8PguiX8Aw&vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UjiKrS_MKIt8Yqw6oUwJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=enNwZb-BAf6Hxc8Puve3uAM&vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hdLi45fr7TJZyhiFijFvFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&ved=0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QiZAHCHk&uact=3&bl=btNu&s=webhp
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-8HdP6a37nm0gNl_4Q_Pm8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0YAqaBqPTYeT-quFG4N2Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Cnx-59jLB1Zyr4r33ErvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?ei=OXRwZaGRF5mTxc8P9LOdoAQ&vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Y_HuFfqBL2n4HA1JV4QW7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&rt=wsrt.971,aft.824,afti.824,hst.40,prt.175&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Mqx4sdNKLYlOlg8_buBDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&rt=wsrt.706,aft.635,afti.635,hst.38,prt.174&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-FUNFyk7I45T6QfW56tiDrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.1183,afti.1183,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-1MTVsXVJCiOuG3G2Wheh4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&rt=wsrt.605,aft.711,afti.711,hst.56,prt.202&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-zSvrrTGMaPcDSthSQ2GaJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
URL https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.176,afti.176,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-9-MXAJC_yKCMbg9UHqnoXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info style-src includes unsafe-inline.
Instances 324
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Medium
Content Security Policy (CSP) Header Not Set
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LANGUAGE_DETECTION
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698073325&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678108&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678199&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E1HJY
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E1NYI
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E1Q5Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E1TOM
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E1WYO
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E204K
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E236A
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E260I
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E28WO
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E2BC6
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E2DPQ
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E2GU8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E2J14
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/B00M3E2LOE
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/gcrnsts
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/en$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/es/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/1.5x
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/139_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/2.5000x
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/2.5x
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/208.5_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/2192_AC_SX139_SY100_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/2192_AC_SX208.5_SY150_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/2192_AC_SX278_SY200_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/278_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/400_AC_SX139_SY100_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/400_AC_SX208.5_SY150_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/400_AC_SX278_SY200_QL70_.jpg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/403_AC_SX139_SY100_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/403_AC_SX208.5_SY150_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/403_AC_SX278_SY200_QL70_.png
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/404
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin/ref=cart_empty_sign_in?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcart%3Fapp-nav-type%3Dnone%26dc%3Ddf
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_psr_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fspr%2Freturns%2Fhomepage%2Fhomepage.html%3Fref_%3Dfooter_hy_f_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_subscribe_save_myd_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fauto-deliveries%2Fviewsubscriptions%3Fref_%3Dnav_AccountFlyout_sns
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_wishlist_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fls&pageId=Amazon
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/twister-update/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0XduUglPDjNSMjsxubrj3Q%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=4CRscPzyeHD5oPwdd4g72g%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VBA%2FWqJZtFSpIx8jQO%2B2TQ%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ga/p/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/giveaway/host/setup/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/shoppingAids/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/so.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_cart
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D899f9d5a-aa9a-ac57-0071-071f359074a7%26type%3D55%26m%3D1&ex-fch=416613&ex-hargs=v%3D1.0%3Bc%3D2702107500201%3Bp%3D899F9D5A-AA9A-AC57-0071-071F359074A7&ex-src=https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&tepes=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+cleaner&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_0
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+glue&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+skimboard&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zep&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/browse/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&ie=UTF8&node=12302698011&pd_rd_i=B0BW2VKGXX&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/ref=nb_sb_noss?field-keywords=ZAP&url=https%3A%2F%2Fzap.example.com
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3A%2BgnDOQg7ZkELD4ve3ezFEBZ6NXmMmK4ZL9oCbiflnuI&k=ZAP&qid=1701867726&ref=sr_nr_n_7&rh=n%3A3310241011&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3A2crFyusus%2B%2B1RT1IwyUcU5XC59VUC46m3qWpeqVgASA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624669011&rnid=116623717011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3A6hO4ACwHHBgsE4GPUVQOCqFN1jLvlSUMJjEDH%2F5O9Xc&k=ZAP&qid=1701867726&ref=sr_nr_n_4&rh=n%3A2625373011%2Cn%3A2858905011&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3A9HZGWeEBC7fpeApkrnRZ%2B0noSnyscx6e73bvFE5haRo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_4&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972997011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Aa3L5yTq%2FTwAq%2BJ3vC5KEF7wpuGAqx2rnqT4RadNEQUw&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_five_browse-bin_2&rh=n%3A553844%2Cp_n_feature_five_browse-bin%3A3622357011&rnid=3622346011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AAj5uFUCmzBeIGCB9O4HD5B7ecF9u2cEiX5pLWbA7pbI&k=ZAP&qid=1701867726&ref=sr_nr_n_9&rh=n%3A15342811&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AB4kJcVL6p3ciIEr8VqWzcrfxAqq2mUXrpSaQ8%2BnR2bs&k=ZAP&qid=1701867726&ref=sr_nr_n_5&rh=n%3A2236128011&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ADfC3Jc%2Fathy%2FRtz2qlN4k2fN2W%2B69EMqB0Wj9ogPRng&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624666011&rnid=116623716011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AdJGoKEUeVJUmdp%2FwolJaYem3p4f7gC9xCNmXGyPCG8A&k=ZAP&qid=1701867726&ref=sr_nr_p_n_availability_2&rh=p_n_availability%3A2661601011&rnid=2661599011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AEoJQDIxorNSLVTxbHgjb7OJEBRaD74dfWqIoSpg1yuY&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_five_browse-bin_1&rh=n%3A553844%2Cp_n_feature_five_browse-bin%3A3622349011&rnid=3622346011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AErIi6LrN3colZg%2FVX3I5QfY8FZ7K4mIFZYuGJhCxhJQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624672011&rnid=116623717011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AETFEK2gWyn69GO0z64HRRciTpcLblrr65sAIfWhSrlU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_sb_certificate_id_1&rh=p_n_sb_certificate_id%3A98614993011&rnid=98614992011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Af507bn1iJ3PXzyLGr04rOT25Qu22KyU1gl2ZLLCgDaU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624662011&rnid=116623715011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AfZ8FVSIdc1PbE83G1hsctPSCtZkyHqUed7sUbFVV6fo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_2&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972994011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Ah%2BVTVE2AY0cxrNzy9enMcGam8OMSH48bPEIgoSrF0L4&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_forty-one_browse-bin_1&rh=n%3A2972638011%2Cp_n_feature_forty-one_browse-bin%3A119653281011&rnid=119653280011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AHGxFMrFiQgPStU10MEDG2rHilbXMy1djT748rHIuYsY&k=ZAP&qid=1701867726&ref=sr_nr_p_36_2&rh=n%3A2972638011%2Cp_36%3A2661613011&rnid=2661611011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AHQQ5UvgIDzXjeyXJZOPUFZRnWvkJRVAnXZ8RUO3%2FugI&k=ZAP&qid=1701867726&ref=sr_nr_p_72_3&rh=p_72%3A2661620011&rnid=2661617011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AiZCunxarHdwKSUxjmUjqhaddqL9uXJe1Z72Roe%2BmcVY&k=ZAP&qid=1701867726&ref=sr_nr_p_72_4&rh=p_72%3A2661621011&rnid=2661617011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Aj8puxO0oy%2FGawj%2FmWFlf9y3TMbdwSH6VTItIe6xBlLw&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624670011&rnid=116623717011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Ak2x2B5%2FPbUY3SdCV%2F1UvaNsUmRunD0PPx7Q1c61Gung&k=ZAP&qid=1701867726&ref=sr_nr_p_36_4&rh=n%3A2972638011%2Cp_36%3A2661615011&rnid=2661611011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AlqYbcZALOVGXWSl080MnUWXsxFJIhrYnn3ovkyIP%2BTE&k=ZAP&qid=1701867726&ref=sr_nr_n_2&rh=n%3A2625373011&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ALVQLAHCecwjxfLgrctm3Wgujr%2BYp6xiUGIEBdQ2VTuc&k=ZAP&qid=1701867726&ref=sr_nr_p_72_1&rh=p_72%3A2661618011&rnid=2661617011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AMPk1Axx7H3xe85ZYUl16%2B36IbpwqDvdhLSCh93XikfQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_date_first_available_absolute_1&rh=n%3A2972638011%2Cp_n_date_first_available_absolute%3A2661609011&rnid=2661608011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AmQlpkGxEtH%2BGPX%2FFgthYt7jlu8EmzymK%2FbBMCB%2FWY90&k=ZAP&qid=1701867726&ref=sr_nr_n_1&rh=n%3A3738021&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AN2y66%2BjGnwLPLT9Ad%2BUnyZB%2FKps1hzMH6SBRGmwZF%2B4&k=ZAP&qid=1701867726&ref=sr_nr_p_36_1&rh=n%3A2972638011%2Cp_36%3A2661612011&rnid=2661611011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AO%2B1glBJ6PwcMM8lxLfbM2uHUBJepAKX0qX4W28A9ljA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_deal_type_1&rh=p_n_deal_type%3A23566065011&rnid=23566063011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AOIBjDd7i2iZ4Q1LgiAGExL%2BNbT9qF7db2T6cCPGfHA0&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624667011&rnid=116623716011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AOWy6AIfDqMbYmFIk9qKX3Zu8x7CduUIZkBJpcrXpiGA&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_3&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972992011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AP4ZYziMF29gHf0wFsf8JQ0iT2Qa2v0IbDdFEYUT6oms&k=ZAP&qid=1701867726&ref=sr_nr_p_89_2&rh=n%3A2972638011%2Cp_89%3AAMUFER&rnid=2528832011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AP9Y1DGUekhwZJEj5l4M%2BDeMqHbtOcbH4OlJJq%2BLMkZs&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_5&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972983011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ApF%2Fam6Ycg%2BXg69FChSeHZARGZCjZ7%2BHOj7nL%2FRgx1TU&k=ZAP&qid=1701867726&ref=sr_nr_n_8&rh=n%3A3737901&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AQgf545ZuA2jEc1bxVS3yR7eKXMWFs069s7I7wrdkk9w&k=ZAP&qid=1701867726&ref=sr_nr_p_36_3&rh=n%3A2972638011%2Cp_36%3A2661614011&rnid=2661611011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AqsV428nc0lCi%2BF4WKVuvZWHSeZPKaliyKi9CvFlUXe4&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624661011&rnid=116623715011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ArfSTulZPqfJAHvdysD9XF1SMxq%2BdLm0bJr28LYz0ym8&k=ZAP&qid=1701867726&ref=sr_nr_p_89_3&rh=n%3A2972638011%2Cp_89%3AMosiller&rnid=2528832011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Atz301C2BNRRhzs%2FXdAaNoYRM4gLlE71cHOmZcxKi3Eg&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_1&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972982011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AUfZokyaknMPMTqRPrIDdfcpFrnToD5OBpVaKPvp8pW0&k=ZAP&qid=1701867726&ref=sr_nr_p_n_date_first_available_absolute_2&rh=n%3A2972638011%2Cp_n_date_first_available_absolute%3A2661610011&rnid=2661608011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AuJO0zldyeQF3qbBEzLRc0ujBz906IUjSBK0FN37qyeY&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624663011&rnid=116623715011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AvgHZh9iFYqLIsprMnQZFaHLY0IP2Y092OCgmWPpZJwI&k=ZAP&qid=1701867726&ref=sr_nr_p_n_deal_type_2&rh=p_n_deal_type%3A23566064011&rnid=23566063011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AvZJmqOwpJGP5PtQR60%2FsfDe7qBWbpC9yXgGk%2FfaAcVQ&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_twenty_browse-bin_6&rh=n%3A2972638011%2Cp_n_feature_twenty_browse-bin%3A2972990011&rnid=2972980011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AW7I0E02CY0iCYRkycCLENS8sgA1Evgv%2FqmnjoDkZaJY&k=ZAP&qid=1701867726&ref=sr_nr_n_6&rh=n%3A13398611&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AWcj9ZdCeQuRX3AY2wUotx85egurfOmXy1USjFddsNgs&k=ZAP&qid=1701867726&ref=sr_nr_p_n_condition-type_1&rh=n%3A2972638011%2Cp_n_condition-type%3A6358196011&rnid=6358194011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Awp%2BGwDVLpOrgR5aIprd9KEZPBSBdSgy7Lbowk3eiaAo&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_browse-bin_1&rh=n%3A3738021%2Cp_n_feature_browse-bin%3A116624664011&rnid=116623715011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AwwhK4KmVli9s9YcgOcWqpFCNe8HXnkoBs9PJQY3P5ac&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_three_browse-bin_2&rh=n%3A3738021%2Cp_n_feature_three_browse-bin%3A116624671011&rnid=116623717011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AxfgPZmrOdMQ94WkDNM%2FSkEnghyIQYK4pqckhjNuH6Mc&k=ZAP&qid=1701867726&ref=sr_nr_p_72_2&rh=p_72%3A2661619011&rnid=2661617011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AzZWXMddzJwQeYrpboa2zgI%2Fs0lCN%2FJgMLPP5%2FdU61m8&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_3&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624665011&rnid=116623716011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?field-keywords=ZAP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_500_search
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=ZAP&page=2&qid=1701867726&ref=sr_pg_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=ZAP&page=2&qid=1701867726&ref=sr_pg_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=ZAP&page=3&qid=1701867726&ref=sr_pg_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+animal+collar&ref=sr_nr_p_cosmo_multi_pt_8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+battery&ref=sr_nr_p_cosmo_multi_pt_11
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+bonding+adhesive&ref=sr_nr_p_cosmo_multi_pt_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+charging+adapter&ref=sr_nr_p_cosmo_multi_pt_15
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+cleaning+agent&ref=sr_nr_p_cosmo_multi_pt_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+digital+movie&ref=sr_nr_p_cosmo_multi_pt_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+drain+opener+substance&ref=sr_nr_p_cosmo_multi_pt_14
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+electromechanical+switch&ref=sr_nr_p_cosmo_multi_pt_13
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+flashlight&ref=sr_nr_p_cosmo_multi_pt_10
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+medication&ref=sr_nr_p_cosmo_multi_pt_16
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+pest+control+device&ref=sr_nr_p_cosmo_multi_pt_0
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+remote+control&ref=sr_nr_p_cosmo_multi_pt_7
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+skin+moisturizer&ref=sr_nr_p_cosmo_multi_pt_12
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+sport+board+%26+ski&ref=sr_nr_p_cosmo_multi_pt_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+towel&ref=sr_nr_p_cosmo_multi_pt_9
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+toy+gun&ref=sr_nr_p_cosmo_multi_pt_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+watch&ref=sr_nr_p_cosmo_multi_pt_18
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ss/twister/ajax
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_5_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
Instances 879
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
Reference https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
http://www.w3.org/TR/CSP/
http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/
CWE Id 693
WASC Id 15
Plugin Id 10038
Medium
Cross-Domain Misconfiguration
Description
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URL https://fls-na.amazon.com/1/batch/1/OE/
Method POST
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Instances 7
Solution
Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).

Configure the "Access-Control-Allow-Origin" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.
Reference https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy
CWE Id 264
WASC Id 14
Plugin Id 10098
Medium
Missing Anti-clickjacking Header
Description
The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LANGUAGE_DETECTION
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698073325&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678108&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678199&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/en$
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/es/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he$
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter x-frame-options
Attack
Evidence
Other Info
Instances 126
Solution
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.

If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
CWE Id 1021
WASC Id 15
Plugin Id 10020
Low
Application Error Disclosure
Description
This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.
URL https://www.amazon.com/sitemap.xml
Method GET
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Other Info
Instances 1
Solution
Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.
Reference
CWE Id 200
WASC Id 13
Plugin Id 90022
Low
CSP: Notices
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/amazonprime
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/events/deals
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/order-history?ref_=footer_yo
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/order-history?ref_=nav_AccountFlyout_orders
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/css/order-history?ref_=nav_orders_first
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/profile/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hp/video/api
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Martha-Freeman/e/B004MPJKKK?qid=1701867726&ref=sr_ntt_srch_lnk_49&sr=8-49
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/prime
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/unlimited
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Paul-Fleischman/e/B000AQ8WWW?qid=1701867726&ref=sr_ntt_srch_lnk_21&sr=8-21
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Rebecca-Yarros/e/B00HYKBU1W/ref=nta-top-sellers_d_sccl_1_5_bl/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/sp
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/sp?*seller=ABVFEJU8LS620
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/home
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/search
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=9nNwZbv_G7KGxc8PguiX8Aw&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-5_Zu6xOdjUUTwRtuELe9Og' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=enNwZb-BAf6Hxc8Puve3uAM&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ZWWU_aWiiQ7IbCFu3Ah9mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=IHNwZfq3KfaSxc8P3rOK6A8&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lPfzxFMvg5CpQaCleT4sQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?atyp=i&biw=826&bih=757&dpr=2.25&mtp=10&ei=OXRwZaGRF5mTxc8P9LOdoAQ&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-mE98iAX4C-ndNt79lN5FpA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-QgMv-ecd93aHQ9GEdPx28w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SnYqbuzu7xtmJP6Ol89kjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-iXUtPqcEvllEg6VgFzl4Hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nLnRMHYpyhympjrYIMOF7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868533756&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-RYWwcYRn-HvhvEumJTA69w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868409068&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-nfnFM3uwoYzI_L2fdUGz0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868319603&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-th-cxHithqnpKwTkPwDqmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868600339&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vaxvHsWjBRDGP4bZ9qS7Uw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-PQFUcQF6R9BPajqilW8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868535272&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-ltR8pwsh3v-JcXI12iGpCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868411083&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-kLKWHdsOAfIq13yFMFzyTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868322593&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-SZoJH3W1y0bEZWgclu3djA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868602516&opi=89978449
Method GET
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-GobDZNRHMD1Qw9rr-sfmjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /_/ConsentHttp/cspreport
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-hCnY-0mTvc6w5bcLYoVy1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentHttp/cspreport;worker-src 'self'
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentHttp/cspreport/allowlist
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Q878jjf0NyrGJ-BOvm7oHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-Sl1GXDuLT8nslzfHsLXbKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-yaoP-O6SYhHCsOU-i7xaVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'report-sample' 'nonce-WeGQKYizaHlrl9JEUfOuOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self'
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter Content-Security-Policy
Attack
Evidence script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter Content-Security-Policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter content-security-policy
Attack
Evidence upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=-HNwZfb8Kcrg7_UP7PqVwAE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&hp=&rt=ttfb.233,st.235,bs.27,aaft.238,acrt.238,art.238&zx=1701868535350&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-P2c-vYo00PP3pJpTQlDw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448&zx=1701868535110&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-us6xjCBu2RE6YclWpxx5aQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448,hpbarr.241&zx=1701868535351&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Thr-pMxBIX_0WVVFIKNjdg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.40,aft.824,prt.175,xjses.474,xjsee.596,xjs.597,dcl.600,afti.824,aftqf.825,lcp.447,fcp.447,wsrt.971,cst.321,dnst.0,rqst.650,rspt.4,sslt.16,rqstt.325,unt.2,cstt.3,dit.1152&zx=1701868534492&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-O_oMlCs4gLdhx6gq8KnLxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560&zx=1701868410521&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-AMnEbXx-5m1nShAo2UtyVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560,hpbarr.279&zx=1701868410800&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-lq8ecAO0mUA37uus1vyg7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.635,prt.174,afti.635,aftqf.636,xjses.663,xjsee.746,xjs.746,lcp.457,fcp.457,wsrt.706,cst.314,dnst.0,rqst.389,rspt.2,sslt.12,rqstt.319,unt.2,cstt.4,dit.886&zx=1701868409716&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-K2c8zQ0UA1FPzrlZmvC-XQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=fHNwZfSWBdKyi-gPj4-7-AE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&hp=&rt=ttfb.271,st.272,bs.27,aaft.276,acrt.276,art.276&zx=1701868410799&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-97mMpYPvmcnRjTYoNmQpYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555&zx=1701868321064&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-pMqTdzP5DI315R169D7ugQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555,hpbarr.209&zx=1701868321274&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UFpQWLTvLtLXp3DvFpJ4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=all&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=6&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.1183,prt.163,afti.1183,cbs.38,cbt.668,xjses.704,xjsee.779,xjs.780,dcl.784,aftqf.1184,lcp.447,fcp.447,wsrt.1333,cst.695,dnst.0,rqst.390,rspt.2,sslt.376,rqstt.945,unt.1,cstt.249,dit.1502&zx=1701868320699&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-aAQGrW2Q7OYgFHGpyerjiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Ff1VDZXh4bQnyZvQRAtAxg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=InNwZaiSJZHzsAeliYXgDg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&hp=&rt=ttfb.202,st.204,bs.27,aaft.206,acrt.206,art.207&zx=1701868321272&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-UrSgYpU3zPd9RCKcUmW2TQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=O3RwZdnnFPuA9u8Pt4-OsAY&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&hp=&rt=ttfb.289,st.291,bs.27,aaft.293,acrt.293,art.294&zx=1701868601996&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-6g48LGx5f9MA5WUX_JwGFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476&zx=1701868601701&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-MMguFbOa8bWJUoJwtTLzaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476,hpbarr.297&zx=1701868601997&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-15sQgU2Nygoi3eCkw1QG9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.56,aft.711,prt.202,afti.711,aftqf.712,xjses.899,xjsee.996,xjs.996,lcp.603,fcp.603,wsrt.605,cst.312,dnst.0,rqst.295,rspt.5,sslt.17,rqstt.315,unt.1,cstt.2,dit.817&zx=1701868601231&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-G7eLPRS0swu6wj2hgPcaAg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&ct=slh&v=t1&m=HV&pv=0.012108404164933084&me=1:1701868533836,V,0,0,826,757:0,B,757:0,N,1,9nNwZbv_G7KGxc8PguiX8Aw:0,R,1,1,0,0,826,757:1281,x:3548,e,B&zx=1701868538667&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fd6SQ-O0GKpMPEczoxsouw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&dt19=3&zx=1701868535104&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-_UYVdIADZ1ob7jqmhhN01w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=enNwZb-BAf6Hxc8Puve3uAM&dt19=3&zx=1701868410516&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce--vEjV1VqMpO3mHRX4Kzp4Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-vbyh1FnNAizUyxsIxQeXgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-fWzmbbRwgUMunk7Djaxm_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-qFnt5QH7afPPMHFwNK0FHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&dt19=3&zx=1701868321061&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-wEMqjtW-nS5nBmd4JE4xjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&ct=slh&v=t1&m=HV&pv=0.8756538942773218&me=1:1701868600425,V,0,0,826,757:0,B,757:0,N,1,OXRwZaGRF5mTxc8P9LOdoAQ:0,R,1,1,0,0,826,757:1282,x:3081,e,B&zx=1701868604790&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Q-jLaJwaTEGpBvq2wS0Nnw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&dt19=3&zx=1701868601697&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hArn8l2ALnfOcVMCjJxcig' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=9nNwZbv_G7KGxc8PguiX8Aw&vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0UjiKrS_MKIt8Yqw6oUwJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=enNwZb-BAf6Hxc8Puve3uAM&vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-hdLi45fr7TJZyhiFijFvFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&ved=0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QiZAHCHk&uact=3&bl=btNu&s=webhp
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-8HdP6a37nm0gNl_4Q_Pm8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-0YAqaBqPTYeT-quFG4N2Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Cnx-59jLB1Zyr4r33ErvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?ei=OXRwZaGRF5mTxc8P9LOdoAQ&vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Y_HuFfqBL2n4HA1JV4QW7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&rt=wsrt.971,aft.824,afti.824,hst.40,prt.175&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-Mqx4sdNKLYlOlg8_buBDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&rt=wsrt.706,aft.635,afti.635,hst.38,prt.174&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-FUNFyk7I45T6QfW56tiDrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.1183,afti.1183,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-1MTVsXVJCiOuG3G2Wheh4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&rt=wsrt.605,aft.711,afti.711,hst.56,prt.202&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-zSvrrTGMaPcDSthSQ2GaJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
URL https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.176,afti.176,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&opi=89978449
Method POST
Parameter Content-Security-Policy
Attack
Evidence object-src 'none';base-uri 'self';script-src 'nonce-9-MXAJC_yKCMbg9UHqnoXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Other Info Warnings: The report-uri directive has been deprecated in favor of the new report-to directive
Instances 326
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Low
Cookie No HttpOnly Flag
Description
A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-token
Attack
Evidence Set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-token
Attack
Evidence Set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence Set-Cookie: CONSENT
Other Info
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter SOCS
Attack
Evidence Set-Cookie: SOCS
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
Instances 698
Solution
Ensure that the HttpOnly flag is set for all cookies.
Reference https://owasp.org/www-community/HttpOnly
CWE Id 1004
WASC Id 13
Plugin Id 10010
Low
Cookie Without Secure Flag
Description
A cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
Instances 204
Solution
Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted channel. Ensure that the secure flag is set for cookies containing such sensitive information.
Reference https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes.html
CWE Id 614
WASC Id 13
Plugin Id 10011
Low
Cookie with SameSite Attribute None
Description
A cookie has been set with its SameSite attribute set to "none", which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter NID
Attack
Evidence Set-Cookie: NID
Other Info
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter NID
Attack
Evidence Set-Cookie: NID
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter NID
Attack
Evidence Set-Cookie: NID
Other Info
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter NID
Attack
Evidence Set-Cookie: NID
Other Info
Instances 4
Solution
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
CWE Id 1275
WASC Id 13
Plugin Id 10054
Low
Cookie without SameSite Attribute
Description
A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter sp-cdn
Attack
Evidence set-cookie: sp-cdn
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter JSESSIONID
Attack
Evidence Set-Cookie: JSESSIONID
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-token
Attack
Evidence Set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/vote
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-token
Attack
Evidence Set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/voting/
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/common/du
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id
Attack
Evidence Set-cookie: session-id
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence Set-cookie: session-id-time
Other Info
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence Set-cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter i18n-prefs
Attack
Evidence Set-Cookie: i18n-prefs
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter lc-main
Attack
Evidence Set-Cookie: lc-main
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id
Attack
Evidence Set-Cookie: session-id
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence Set-Cookie: session-id-time
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence Set-Cookie: session-token
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence Set-Cookie: ubid-main
Other Info
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence Set-Cookie: CONSENT
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter i18n-prefs
Attack
Evidence set-cookie: i18n-prefs
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter lc-main
Attack
Evidence set-cookie: lc-main
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id
Attack
Evidence set-cookie: session-id
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id-time
Attack
Evidence set-cookie: session-id-time
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-token
Attack
Evidence set-cookie: session-token
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter ubid-main
Attack
Evidence set-cookie: ubid-main
Other Info
Instances 699
Solution
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
CWE Id 1275
WASC Id 13
Plugin Id 10054
Low
Cross-Domain JavaScript Source File Inclusion
Description
The page includes one or more script files from a third-party domain.
URL https://www.amazon.com/amazonprime
Method GET
Parameter https://m.media-amazon.com/images/G/01/prime/detail_page/JS/en_US/amazonprime_page_fallback_template._CB444124796_.js
Attack
Evidence <script type="text/javascript" src="https://m.media-amazon.com/images/G/01/prime/detail_page/JS/en_US/amazonprime_page_fallback_template._CB444124796_.js" />'); </script>
Other Info
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js
Attack
Evidence <script type="text/javascript" async src="https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js"> </script>
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js
Attack
Evidence <script type="text/javascript" async src="https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js"> </script>
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js
Attack
Evidence <script type="text/javascript" async src="https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js"> </script>
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter https://m.media-amazon.com/images/I/117v7jc3KOL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/117v7jc3KOL.js"></script>
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter https://m.media-amazon.com/images/I/41R8xAdc3jL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/41R8xAdc3jL.js"></script>
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter https://m.media-amazon.com/images/I/61-6VvUxl1L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/61-6VvUxl1L.js"></script>
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter https://m.media-amazon.com/images/I/81OMQfeCJ-L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81OMQfeCJ-L.js"></script>
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter https://m.media-amazon.com/images/I/A1eMMTj7OWL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/A1eMMTj7OWL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/01OCq7x-zqL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/01OCq7x-zqL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/81PKS4tZYDL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81PKS4tZYDL.js"></script>
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter https://m.media-amazon.com/images/I/91u7bIjyeiL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/91u7bIjyeiL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter https://m.media-amazon.com/images/I/117v7jc3KOL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/117v7jc3KOL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter https://m.media-amazon.com/images/I/41R8xAdc3jL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/41R8xAdc3jL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter https://m.media-amazon.com/images/I/61-6VvUxl1L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/61-6VvUxl1L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter https://m.media-amazon.com/images/I/81OMQfeCJ-L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81OMQfeCJ-L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter https://m.media-amazon.com/images/I/A1eMMTj7OWL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/A1eMMTj7OWL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter https://m.media-amazon.com/images/I/11FTJaZiDIL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/11FTJaZiDIL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter https://m.media-amazon.com/images/I/41eBmodscAL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/41eBmodscAL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter https://m.media-amazon.com/images/I/61yEvmP9u5L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/61yEvmP9u5L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter https://m.media-amazon.com/images/I/81nfCEpFWjL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81nfCEpFWjL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter https://m.media-amazon.com/images/I/117v7jc3KOL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/117v7jc3KOL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter https://m.media-amazon.com/images/I/41R8xAdc3jL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/41R8xAdc3jL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter https://m.media-amazon.com/images/I/61-6VvUxl1L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/61-6VvUxl1L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter https://m.media-amazon.com/images/I/81OMQfeCJ-L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81OMQfeCJ-L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter https://m.media-amazon.com/images/I/A1eMMTj7OWL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/A1eMMTj7OWL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter https://m.media-amazon.com/images/I/117v7jc3KOL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/117v7jc3KOL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter https://m.media-amazon.com/images/I/41R8xAdc3jL.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/41R8xAdc3jL.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter https://m.media-amazon.com/images/I/61-6VvUxl1L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/61-6VvUxl1L.js"></script>
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter https://m.media-amazon.com/images/I/81OMQfeCJ-L.js
Attack
Evidence <script crossorigin="anonymous" type="text/javascript" src="https://m.media-amazon.com/images/I/81OMQfeCJ-L.js"></script>
Other Info
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/prime
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/prime
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/unlimited
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/unlimited
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js
Attack
Evidence <script src="https://d2h8zr0m6mus4x.cloudfront.net/primesignup/in/ingress.js"></script>
Other Info
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter https://d3216uwaav9lg7.cloudfront.net/assets-Music.js
Attack
Evidence <script src="https://d3216uwaav9lg7.cloudfront.net/assets-Music.js" type="text/javascript"></script>
Other Info
Instances 92
Solution
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
Reference
CWE Id 829
WASC Id 15
Plugin Id 10017
Low
Strict-Transport-Security Header Not Set
Description
HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASGQmYCxvo3WfQ3BIFDUg6P0EhQJwewG0xPZE=?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASGQn11VQ7sgCk8RIFDWlIR0chrbMLunyG1js=?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASIAkf7oBlCmca-xIFDTQ30ysSBQ3c5MosIS_QQNXR0uJ-EiAJbpxO9YafN7gSBQ00N9MrEgUN3OTKLCEv0EDV0dLifg==?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASIAlunE71hp83uBIFDTQ30ysSBQ3c5MosIdCkzK_phCFy?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASJwnJq4QCIXPo6hIFDTQ30ysSBQ3c5MosEgUNaUhHRyHTwXORxEAW8xIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwh08FzkcRAFvMSGQn11VQ7sgCk8RIFDWlIR0ch08FzkcRAFvM=?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yG48gYc95InUA==?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASWAnbJ8aA8i7VxhIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDWlIR0chIIt0DxFjUEcSUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yEgi3QPEWNQRxIZCfXVVDuyAKTxEgUNaUhHRyEgi3QPEWNQRw==?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASXwlQr8fIBrGyNxIFDTQ30ysSBQ3c5MosEgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_Ifa-xNIZt9swEiAJbpxO9YafN7gSBQ00N9MrEgUN3OTKLCH2vsTSGbfbMBJRCbTmrF5B_mW2EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_Ifa-xNIZt9sw?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASZgk4WNOAGUB98RIFDTQ30ysSBQ3c5MosEgUNlJCS-hIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yFBJOyGrTnG-hIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwhQSTshq05xvoSWAlL-34b-Hr0GRIFDZSQkvoSBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8hQSTshq05xvo=?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASZgnXavJOV0HSyRIFDTQ30ysSBQ3c5MosEgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNaUhHRyFc44s1i87ZAxIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwhXOOLNYvO2QMSUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yFc44s1i87ZAxIZCfXVVDuyAKTxEgUNaUhHRyFc44s1i87ZAw==?alt=proto
Method GET
Parameter
Attack
Evidence
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Method GET
Parameter
Attack
Evidence
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Method GET
Parameter
Attack
Evidence
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Method GET
Parameter
Attack
Evidence
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Method GET
Parameter
Attack
Evidence
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LANGUAGE_DETECTION
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698073325&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678108&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678199&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868533756&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868409068&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868319603&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868600339&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9nNwZbv_G7KGxc8PguiX8Aw&zx=1701868535272&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=enNwZb-BAf6Hxc8Puve3uAM&zx=1701868411083&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868322593&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=OXRwZaGRF5mTxc8P9LOdoAQ&zx=1701868602516&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=0/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/m=sy7f,syro,syrq,syrr,WlNQGd,syxr,syxt,nabPbb,syn4,syn5,syn6,syn7,syn8,syna,DPreE,syl6,syrn,syrp,CnSW2d,syxs,fXO0xe?cb=72433544&xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=0/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/m=syeg,aLUfP?cb=72433544&xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433544&xjs=s1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=0/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/m=syeg,aLUfP?xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,SNUn3,UUJqVe,aa,abd,async,cEt90b,cdos,csi,d,dtl0hd,eHDfl,epYOx,hsm,jsa,mb4ZUb,ms4mZb,pHXghd,q0xTif,qddgKe,s39S4,sOXFj,sTsDMc,sb_wiz,sf,sonic,spch/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=CnSW2d,DPreE,WlNQGd,fXO0xe,nabPbb?xjs=s2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=0/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/m=sy7f,syro,syrq,syrr,WlNQGd,syxr,syxt,nabPbb,syn4,syn5,syn6,syn7,syn8,syna,DPreE,syl6,syrn,syrp,CnSW2d,syxs,fXO0xe?xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=0/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/m=syeg,aLUfP?xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=0/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/m=sy7f,syro,syrq,syrr,WlNQGd,syxr,syxt,nabPbb,syn4,syn5,syn6,syn7,syn8,syna,DPreE,syl6,syrn,syrp,CnSW2d,syxs,fXO0xe?cb=72433548&xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=0/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/m=syeg,aLUfP?cb=72433548&xjs=s3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433548&xjs=s1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/md=1/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw?cb=72433544
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/md=1/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/md=1/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/xjs/_/js/md=1/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ?cb=72433548
Method GET
Parameter
Attack
Evidence
Other Info
URL https://accounts.google.com/domainreliability/upload
Method POST
Parameter
Attack
Evidence
Other Info
URL https://beacons.gcp.gvt2.com/domainreliability/upload
Method POST
Parameter
Attack
Evidence
Other Info
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter
Attack
Evidence
Other Info
URL https://csp.withgoogle.com/csp/gws/other-hp
Method POST
Parameter
Attack
Evidence
Other Info
URL https://fls-na.amazon.com/1/batch/1/OE/
Method POST
Parameter
Attack
Evidence
Other Info
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence
Other Info
URL https://update.googleapis.com/service/update2/json
Method POST
Parameter
Attack
Evidence
Other Info
URL https://update.googleapis.com/service/update2/json?cup2key=13:B6ls3sxNxCDvXZYbFOWVD9hRpSFGySgfTSUNEw2dMqY&cup2hreq=0b5719bb5a8fdaaff56fa525b4992f3f310e2b9f5e1c7089c31865596b7ae6c4
Method POST
Parameter
Attack
Evidence
Other Info
URL https://update.googleapis.com/service/update2/json?cup2key=13:g646JsJdZHBY4v7HNWKq53hvPuJ_oqI03C9Q-mppyz0&cup2hreq=d33c7a719ae8ddb4f65a54132dc4fed69da9fce35f89cbfc1f924bf846471df5
Method POST
Parameter
Attack
Evidence
Other Info
URL https://update.googleapis.com/service/update2/json?cup2key=13:giJ4_dhXz4n-Y0Cuq5Uc89xToqe7JNqohE3-IjaJWxI&cup2hreq=1d6440e5254e0fe80f1050c290aad6cd04f8e11fac49d16f4ee3664bf71f3597
Method POST
Parameter
Attack
Evidence
Other Info
URL https://update.googleapis.com/service/update2/json?cup2key=13:opSR6Sjb1Ey3Hm37mRXyO8tOZGLZsAByOEr9eyPpmfs&cup2hreq=3394ee5537a83130a47709deab5166ed797d91cf54a77364d860edc460ad532c
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=-HNwZfb8Kcrg7_UP7PqVwAE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&hp=&rt=ttfb.233,st.235,bs.27,aaft.238,acrt.238,art.238&zx=1701868535350&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448&zx=1701868535110&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=promo&rt=hpbas.1448,hpbarr.241&zx=1701868535351&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.6383aa05-f642-4d89-ab4e-3a64b31dd62a&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.40,aft.824,prt.175,xjses.474,xjsee.596,xjs.597,dcl.600,afti.824,aftqf.825,lcp.447,fcp.447,wsrt.971,cst.321,dnst.0,rqst.650,rspt.4,sslt.16,rqstt.325,unt.2,cstt.3,dit.1152&zx=1701868534492&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560&zx=1701868410521&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=promo&rt=hpbas.1560,hpbarr.279&zx=1701868410800&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.635,prt.174,afti.635,aftqf.636,xjses.663,xjsee.746,xjs.746,lcp.457,fcp.457,wsrt.706,cst.314,dnst.0,rqst.389,rspt.2,sslt.12,rqstt.319,unt.2,cstt.4,dit.886&zx=1701868409716&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=fHNwZfSWBdKyi-gPj4-7-AE&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9b6c5b52-2aa4-4b7b-9ecf-899f28788a77&hp=&rt=ttfb.271,st.272,bs.27,aaft.276,acrt.276,art.276&zx=1701868410799&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555&zx=1701868321064&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=promo&rt=hpbas.1555,hpbarr.209&zx=1701868321274&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=all&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=6&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.38,aft.1183,prt.163,afti.1183,cbs.38,cbt.668,xjses.704,xjsee.779,xjs.780,dcl.784,aftqf.1184,lcp.447,fcp.447,wsrt.1333,cst.695,dnst.0,rqst.390,rspt.2,sslt.376,rqstt.945,unt.1,cstt.249,dit.1502&zx=1701868320699&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=InNwZaiSJZHzsAeliYXgDg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.9ab8486a-fc50-4d51-a9d1-8aea6d444afe&hp=&rt=ttfb.202,st.204,bs.27,aaft.206,acrt.206,art.207&zx=1701868321272&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=O3RwZdnnFPuA9u8Pt4-OsAY&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&hp=&rt=ttfb.289,st.291,bs.27,aaft.293,acrt.293,art.294&zx=1701868601996&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476&zx=1701868601701&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=promo&rt=hpbas.1476,hpbarr.297&zx=1701868601997&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&s=webhp&t=all&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&adh=&cls=0&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.6,tjhs.10,jhsl.4295,dm.8&nv=ne.1,feid.5a575ebb-2776-4e13-ac75-c1f5dfe23148&net=dl.10000,ect.4g,rtt.0&hp=&p=bs.true&sys=hc.8&rt=hst.56,aft.711,prt.202,afti.711,aftqf.712,xjses.899,xjsee.996,xjs.996,lcp.603,fcp.603,wsrt.605,cst.312,dnst.0,rqst.295,rspt.5,sslt.17,rqstt.315,unt.1,cstt.2,dit.817&zx=1701868601231&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&ct=slh&v=t1&m=HV&pv=0.012108404164933084&me=1:1701868533836,V,0,0,826,757:0,B,757:0,N,1,9nNwZbv_G7KGxc8PguiX8Aw:0,R,1,1,0,0,826,757:1281,x:3548,e,B&zx=1701868538667&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=9nNwZbv_G7KGxc8PguiX8Aw&dt19=3&zx=1701868535104&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=enNwZb-BAf6Hxc8Puve3uAM&dt19=3&zx=1701868410516&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&dt19=3&zx=1701868321061&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&ct=slh&v=t1&m=HV&pv=0.8756538942773218&me=1:1701868600425,V,0,0,826,757:0,B,757:0,N,1,OXRwZaGRF5mTxc8P9LOdoAQ:0,R,1,1,0,0,826,757:1282,x:3081,e,B&zx=1701868604790&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?atyp=i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&dt19=3&zx=1701868601697&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=9nNwZbv_G7KGxc8PguiX8Aw&vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=enNwZb-BAf6Hxc8Puve3uAM&vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&ved=0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QiZAHCHk&uact=3&bl=btNu&s=webhp
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?ei=OXRwZaGRF5mTxc8P9LOdoAQ&vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQhJAHCBw..s&bl=btNu&s=webhp&gl=bg&pc=SEARCH_HOMEPAGE&isMobile=false
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9nNwZbv_G7KGxc8PguiX8Aw&rt=wsrt.971,aft.824,afti.824,hst.40,prt.175&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=enNwZb-BAf6Hxc8Puve3uAM&rt=wsrt.706,aft.635,afti.635,hst.38,prt.174&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.1183,afti.1183,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=OXRwZaGRF5mTxc8P9LOdoAQ&rt=wsrt.605,aft.711,afti.711,hst.56,prt.202&wh=757&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=757&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&rt=wsrt.1333,aft.176,afti.176,cbs.38,cbt.668,hst.38,prt.163&wh=757&imn=8&ima=2&imad=0&imac=0&imf=0&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info
Instances 99
Solution
Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.
Reference https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html
https://owasp.org/www-community/Security_Headers
http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
http://caniuse.com/stricttransportsecurity
http://tools.ietf.org/html/rfc6797
CWE Id 319
WASC Id 15
Plugin Id 10035
Low
Timestamp Disclosure - Unix
Description
A timestamp was disclosed by the application/web server - Unix
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence 1701867752
Other Info 1701867752, which evaluates to: 2023-12-06 15:02:32
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence 1701867754
Other Info 1701867754, which evaluates to: 2023-12-06 15:02:34
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence 1701867739
Other Info 1701867739, which evaluates to: 2023-12-06 15:02:19
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence 1701867741
Other Info 1701867741, which evaluates to: 2023-12-06 15:02:21
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence 1678389094
Other Info 1678389094, which evaluates to: 2023-03-09 21:11:34
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence 1649374178
Other Info 1649374178, which evaluates to: 2022-04-08 02:29:38
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence 1701867720
Other Info 1701867720, which evaluates to: 2023-12-06 15:02:00
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence 1678389094
Other Info 1678389094, which evaluates to: 2023-03-09 21:11:34
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence 1678389094
Other Info 1678389094, which evaluates to: 2023-03-09 21:11:34
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence 1678389094
Other Info 1678389094, which evaluates to: 2023-03-09 21:11:34
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence 1678389094
Other Info 1678389094, which evaluates to: 2023-03-09 21:11:34
URL https://www.amazon.com/gp/offer-listing/0763680133/ref=sr_1_21_olp?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/0763680133/ref=sr_1_21_olp?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/1534405585/ref=sr_1_49_olp?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1534405585
Other Info 1534405585, which evaluates to: 2018-08-16 10:46:25
URL https://www.amazon.com/gp/offer-listing/1534405585/ref=sr_1_49_olp?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/1534405585/ref=sr_1_49_olp?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter Location
Attack
Evidence 1534405585
Other Info 1534405585, which evaluates to: 2018-08-16 10:46:25
URL https://www.amazon.com/gp/offer-listing/1534405585/ref=sr_1_49_olp?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B0006O8ECG/ref=sr_1_53_olp?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B0006O8ECG/ref=sr_1_53_olp?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B001JTOOEO/ref=sr_1_35_olp?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B001JTOOEO/ref=sr_1_35_olp?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B007MCJJWE/ref=sr_1_29_olp?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B007MCJJWE/ref=sr_1_29_olp?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00GB0SFT6/ref=sr_1_52_olp?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00GB0SFT6/ref=sr_1_52_olp?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00SXJJ2QI/ref=sr_1_7_olp?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00SXJJ2QI/ref=sr_1_7_olp?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00SXJJ4I4/ref=sr_1_60_olp?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B00SXJJ4I4/ref=sr_1_60_olp?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B01L4J9O8Y/ref=sr_1_33_olp?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B01L4J9O8Y/ref=sr_1_33_olp?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B01N4B9B6I/ref=sr_1_46_olp?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B01N4B9B6I/ref=sr_1_46_olp?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B085HLLHL1/ref=sr_1_11_olp?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B085HLLHL1/ref=sr_1_11_olp?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B085K7PHB3/ref=sr_1_58_olp?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B085K7PHB3/ref=sr_1_58_olp?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B088QS5VGJ/ref=sr_1_22_olp?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B088QS5VGJ/ref=sr_1_22_olp?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B088QSKG8S/ref=sr_1_30_olp?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B088QSKG8S/ref=sr_1_30_olp?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B09PQF39PG/ref=sr_1_38_olp?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B09PQF39PG/ref=sr_1_38_olp?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B0BNN13X69/ref=sr_1_43_olp?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/offer-listing/B0BNN13X69/ref=sr_1_43_olp?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence 1419766945
Other Info 1419766945, which evaluates to: 2014-12-28 13:42:25
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence 1419766945
Other Info 1419766945, which evaluates to: 2014-12-28 13:42:25
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence 1492670022
Other Info 1492670022, which evaluates to: 2017-04-20 09:33:42
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence 1649374046
Other Info 1649374046, which evaluates to: 2022-04-08 02:27:26
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence 1419766945
Other Info 1419766945, which evaluates to: 2014-12-28 13:42:25
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence 1452179611
Other Info 1452179611, which evaluates to: 2016-01-07 17:13:31
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence 1492670022
Other Info 1492670022, which evaluates to: 2017-04-20 09:33:42
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence 1649374046
Other Info 1649374046, which evaluates to: 2022-04-08 02:27:26
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence 1649374178
Other Info 1649374178, which evaluates to: 2022-04-08 02:29:38
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence 1649374178
Other Info 1649374178, which evaluates to: 2022-04-08 02:29:38
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence 1701867754
Other Info 1701867754, which evaluates to: 2023-12-06 15:02:34
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence 1701867754
Other Info 1701867754, which evaluates to: 2023-12-06 15:02:34
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence 1701867763
Other Info 1701867763, which evaluates to: 2023-12-06 15:02:43
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence 1701867765
Other Info 1701867765, which evaluates to: 2023-12-06 15:02:45
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence 1701867761
Other Info 1701867761, which evaluates to: 2023-12-06 15:02:41
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence 1666621056
Other Info 1666621056, which evaluates to: 2022-10-24 17:17:36
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence 1701867758
Other Info 1701867758, which evaluates to: 2023-12-06 15:02:38
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence 1534405577
Other Info 1534405577, which evaluates to: 2018-08-16 10:46:17
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence 1534405585
Other Info 1534405585, which evaluates to: 2018-08-16 10:46:25
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence 1701867758
Other Info 1701867758, which evaluates to: 2023-12-06 15:02:38
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence 1701867758
Other Info 1701867758, which evaluates to: 2023-12-06 15:02:38
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence 1701867756
Other Info 1701867756, which evaluates to: 2023-12-06 15:02:36
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDA3NDc5MzQ1ODA5ODo6MDo6&url=%2FYsChois-Rechargeable-Electric-Exclusive-Mosquito%2Fdp%2FB09TYRRFX1%2Fref%3Dsr_1_28_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-28-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDA4MjgwMTA2MDE5ODo6MDo6&url=%2FYISSVIC-Electric-Mosquito-Rechargeable-Backyard%2Fdp%2FB08R8GT249%2Fref%3Dsr_1_25_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-25-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE1MjM2MzczOTA5ODo6MDo6&url=%2FMosalogic-Mosquito-Catcher-Attractant-White-2pack%2Fdp%2FB0BR4PZL74%2Fref%3Dsr_1_20_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-20-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE2NzYzMTk4MTc5ODo6MDo6&url=%2FZapper-Electric-Mosquito-Outdoor-Waterproof%2Fdp%2FB0B24DFDG2%2Fref%3Dsr_1_27_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-27-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE3OTgyNjcwOTM5ODo6MDo6&url=%2FElectric-Outdoor-Mosquito-Catcher-Backyard%2Fdp%2FB0C4NJ913P%2Fref%3Dsr_1_26_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-26-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDEyNjg0NjQwMzY5ODo6MDo6&url=%2Fimirror-Electric-Replacement-Mosquito-Protection%2Fdp%2FB0B2R8TLSM%2Fref%3Dsr_1_17_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-17-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjMwMDA0MTE3NDAxNjMwMjo6MDo6&url=%2Fmafiti-Electric-Mosquito-Restaurants-Kitchen%2Fdp%2FB0CH9FGDSK%2Fref%3Dsr_1_18_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-18-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjMwMDAwODczMzk5MDQwMjo6MDo6&url=%2FOutdoor-Electric-Mosquito-Rechargeable-Backyard%2Fdp%2FB0BYCG9PBK%2Fref%3Dsr_1_19_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-19-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg3NTgyMDM5ODo6MDo6&url=%2FZAP-Zapper-Large-Twin-Pack%2Fdp%2FB07GN4JZL8%2Fref%3Dsr_1_1_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-1-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg4MzE2NDA5ODo6MDo6&url=%2FZAP-Bug-Zapper-Rechargeable-Super-Bright%2Fdp%2FB07GMZZNKQ%2Fref%3Dsr_1_3_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-3-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg5NDMxMTg5ODo6MDo6&url=%2FZAP-Bug-Zapper-Battery-Mosquito%2Fdp%2FB07KZQKWVP%2Fref%3Dsr_1_2_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-2-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjMwMDAwNzQzNDUyNzcwMjo6MDo6&url=%2FCOKIT-Catching-Insects-Mosquito-Non-Zapper%2Fdp%2FB0BZ8J1NL9%2Fref%3Dsr_1_4_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-4-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter Location
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence 1701867753
Other Info 1701867753, which evaluates to: 2023-12-06 15:02:33
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence 1701867755
Other Info 1701867755, which evaluates to: 2023-12-06 15:02:35
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1534405577
Other Info 1534405577, which evaluates to: 2018-08-16 10:46:17
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1534405585
Other Info 1534405585, which evaluates to: 2018-08-16 10:46:25
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence 1678024120
Other Info 1678024120, which evaluates to: 2023-03-05 15:48:40
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence 1701867753
Other Info 1701867753, which evaluates to: 2023-12-06 15:02:33
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence 1701867755
Other Info 1701867755, which evaluates to: 2023-12-06 15:02:35
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter
Attack
Evidence 1701867726
Other Info 1701867726, which evaluates to: 2023-12-06 15:02:06
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence 1518500249
Other Info 1518500249, which evaluates to: 2018-02-13 07:37:29
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence 1732584193
Other Info 1732584193, which evaluates to: 2024-11-26 03:23:13
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence 1859775393
Other Info 1859775393, which evaluates to: 2028-12-07 06:16:33
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence 1673999601
Other Info 1673999601, which evaluates to: 2023-01-18 01:53:21
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence 1679317318
Other Info 1679317318, which evaluates to: 2023-03-20 15:01:58
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence 1698073325
Other Info 1698073325, which evaluates to: 2023-10-23 18:02:05
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence 1698678108
Other Info 1698678108, which evaluates to: 2023-10-30 17:01:48
URL https://optimizationguide-pa.googleapis.com/v1:GetModels?key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Method POST
Parameter
Attack
Evidence 1698678199
Other Info 1698678199, which evaluates to: 2023-10-30 17:03:19
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867741
Other Info 1701867741, which evaluates to: 2023-12-06 15:02:21
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867741
Other Info 1701867741, which evaluates to: 2023-12-06 15:02:21
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867742
Other Info 1701867742, which evaluates to: 2023-12-06 15:02:22
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867741
Other Info 1701867741, which evaluates to: 2023-12-06 15:02:21
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867742
Other Info 1701867742, which evaluates to: 2023-12-06 15:02:22
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867742
Other Info 1701867742, which evaluates to: 2023-12-06 15:02:22
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence 1701867742
Other Info 1701867742, which evaluates to: 2023-12-06 15:02:22
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence 1649374178
Other Info 1649374178, which evaluates to: 2022-04-08 02:29:38
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence 1701867741
Other Info 1701867741, which evaluates to: 2023-12-06 15:02:21
Instances 181
Solution
Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.
Reference http://projects.webappsec.org/w/page/13246936/Information%20Leakage
CWE Id 200
WASC Id 13
Plugin Id 10096
Low
X-Content-Type-Options Header Missing
Description
The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LANGUAGE_DETECTION
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698073325&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678108&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678199&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/en$
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/es/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/he$
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/he/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_newcust
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin/ref=cart_empty_sign_in?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcart%3Fapp-nav-type%3Dnone%26dc%3Ddf
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_psr_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fspr%2Freturns%2Fhomepage%2Fhomepage.html%3Fref_%3Dfooter_hy_f_4
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_subscribe_save_myd_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fauto-deliveries%2Fviewsubscriptions%3Fref_%3Dnav_AccountFlyout_sns
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_wishlist_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fls&pageId=Amazon
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_ya_signin
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0XduUglPDjNSMjsxubrj3Q%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=4CRscPzyeHD5oPwdd4g72g%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VBA%2FWqJZtFSpIx8jQO%2B2TQ%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&tepes=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/robots.txt
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL https://www.google.com/
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Instances 608
Solution
Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.

If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
https://owasp.org/www-community/Security_Headers
CWE Id 693
WASC Id 15
Plugin Id 10021
Informational
Content Security Policy (CSP) Report-Only Header Found
Description
The response contained a Content-Security-Policy-Report-Only header, this may indicate a work-in-progress implementation, or an oversight in promoting pre-Prod to Prod, etc.

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?*node=7454898011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?*node=7454917011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?*node=7454927011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?*node=7454939011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?*node=9052533011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/baby-reg/homepage/?_encoding=UTF8&ref_=sv_wl_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/baby-reg/homepage/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/baby-reg/homepage?ie=UTF8&ref_=sv_cm_gft_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/baby-reg/search-results
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/business/register/org/landing?ref_=footer_retail_b2b
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/css/homepage.html/147-4280155-9611859?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref_=footer_ya
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/css/homepage.html?ref_=nav_AccountFlyout_ya
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/accessibility
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=13316081&ref_=sv_ys_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=897204&ref_=sv_wl_8&sr=1-1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/?nodeId=G7DZMQDVP963VXJS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201910160
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=201971070&ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=202075050
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468496&ref_=footer_privacy
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468520&ref_=footer_shiprates
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=468556
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508088&ref_=footer_cou
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=footer_gw_m_b_he
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=508510&ref_=nav_cs_customerservice
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GA22MNAVD7XADYG9
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GDFU3JS5AL6SYHRD&ref_=footer_covid
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GLQP8385T78LUERA&ref_=universal_registries_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GWS7X8NH29WQEK5X
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/profile/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/pdp/profile/?ie=UTF8&ref_=sv_ys_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/profile/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/promotion/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/api
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/dvd-rental/settings
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hp/video/api
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/contact-us/ajax/initiate-trusted-contact/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/help/contact/*/message/$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/leaderboard/top-reviewers/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method POST
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method POST
Parameter
Attack
Evidence
Other Info
Instances 255
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
Reference https://www.w3.org/TR/CSP2/
https://w3c.github.io/webappsec-csp/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/
CWE Id 693
WASC Id 15
Plugin Id 10038
Informational
Content-Type Header Missing
Description
The Content-Type header was either missing or empty.
URL https://www.amazon.com/creatorhub
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/creatorhub/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/8f0cb6c5/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B01KU4BSGK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/deal/98fe980c/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BVDJJFXW&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/BIT/ref=footer_bit_v2_us_A0029?bitCampaignCode=A0029
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/css/returns/homepage.html?ref_=footer_hy_f_4
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/kindle/ku/ku_central?ref_=nav_AccountFlyout_ku
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/registry/wishlist/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/registry/wishlist/*/reserve
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/seller-account/mm-summary-page.html?ld=AZFooterSelfPublish&ref_=footer_publishing&topic=200260520
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/subscribe-and-save/manager/viewsubscriptions?ref_=nav_AccountFlyout_sns
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/switch-language
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/profiles/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/library
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/library?ref_=nav_AccountFlyout_yvl
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/mystuff/library/ref=atv_mstff_yvl_redrct
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/mystuff/watchlist/ref=atv_mstff_wtlp_redrct
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/profiles
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/watchlist
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/watchlist?ref_=nav_AccountFlyout_ywl
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wishlist/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wishlist/ipad-install
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wishlist/universal
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wishlist/vendor-button
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hp/video/mystuff
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hp/video/profiles
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/ls/?_encoding=UTF8&ref_=sv_cm_gft_1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/ls/?_encoding=UTF8&ref_=topnav_storetab_wl
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/ls/ref=cm_wl_your_lists
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/ls?ref_=nav_ListFlyout_navFlyout_createList_lv_redirect&triggerElementID=createList
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/hz5/yourmembershipsandsubscriptions?ref_=nav_AccountFlyout_digital_subscriptions
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ideas/?_encoding=UTF8&ref_=sv_wl_7
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ideas/lists/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ideas/lists?ref=idea_yil_tab
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/kindle-dbs/ku2?passThroughAsin=B09RC2SQ5K&ref_=mbs_ku_lp
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/ospublishing/story/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/baby?ref_=gr-landing-baby
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/create?ref_=universal_registries_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/gl/create?ref_=gr_universal_landing
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/search
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registries/wedding?ref_=gr-landing-wedding
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/registry/wishlist/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/slp/*/b$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/slp/s$
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDA3NDc5MzQ1ODA5ODo6MDo6&url=%2FYsChois-Rechargeable-Electric-Exclusive-Mosquito%2Fdp%2FB09TYRRFX1%2Fref%3Dsr_1_28_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-28-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDA4MjgwMTA2MDE5ODo6MDo6&url=%2FYISSVIC-Electric-Mosquito-Rechargeable-Backyard%2Fdp%2FB08R8GT249%2Fref%3Dsr_1_25_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-25-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE1MjM2MzczOTA5ODo6MDo6&url=%2FMosalogic-Mosquito-Catcher-Attractant-White-2pack%2Fdp%2FB0BR4PZL74%2Fref%3Dsr_1_20_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-20-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE2NzYzMTk4MTc5ODo6MDo6&url=%2FZapper-Electric-Mosquito-Outdoor-Waterproof%2Fdp%2FB0B24DFDG2%2Fref%3Dsr_1_27_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-27-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDE3OTgyNjcwOTM5ODo6MDo6&url=%2FElectric-Outdoor-Mosquito-Catcher-Backyard%2Fdp%2FB0C4NJ913P%2Fref%3Dsr_1_26_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-26-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjIwMDEyNjg0NjQwMzY5ODo6MDo6&url=%2Fimirror-Electric-Replacement-Mosquito-Protection%2Fdp%2FB0B2R8TLSM%2Fref%3Dsr_1_17_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-17-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjMwMDA0MTE3NDAxNjMwMjo6MDo6&url=%2Fmafiti-Electric-Mosquito-Restaurants-Kitchen%2Fdp%2FB0CH9FGDSK%2Fref%3Dsr_1_18_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-18-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfbXRmOjMwMDAwODczMzk5MDQwMjo6MDo6&url=%2FOutdoor-Electric-Mosquito-Rechargeable-Backyard%2Fdp%2FB0BYCG9PBK%2Fref%3Dsr_1_19_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-19-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9tdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg3NTgyMDM5ODo6MDo6&url=%2FZAP-Zapper-Large-Twin-Pack%2Fdp%2FB07GN4JZL8%2Fref%3Dsr_1_1_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-1-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg4MzE2NDA5ODo6MDo6&url=%2FZAP-Bug-Zapper-Rechargeable-Super-Bright%2Fdp%2FB07GMZZNKQ%2Fref%3Dsr_1_3_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-3-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjIwMDEzODg5NDMxMTg5ODo6MDo6&url=%2FZAP-Bug-Zapper-Battery-Mosquito%2Fdp%2FB07KZQKWVP%2Fref%3Dsr_1_2_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-2-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/sspa/click?ie=UTF8&spc=MTo4NTkwOTI3Mjc0Nzc5NzA0OjE3MDE4Njc3MjY6c3BfYXRmOjMwMDAwNzQzNDUyNzcwMjo6MDo6&url=%2FCOKIT-Catching-Insects-Mosquito-Non-Zapper%2Fdp%2FB0BZ8J1NL9%2Fref%3Dsr_1_4_sspa%3Fkeywords%3DZAP%26qid%3D1701867726%26sr%3D8-4-spons%26sp_csd%3Dd2lkZ2V0TmFtZT1zcF9hdGY%26psc%3D1
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/new-registry?ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wishlist/
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wishlist/get-button
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wishlist/universal
Method GET
Parameter
Attack
Evidence
Other Info
URL https://www.amazon.com/wishlist/vendor-button
Method GET
Parameter
Attack
Evidence
Other Info
Instances 77
Solution
Ensure each page is setting the specific and appropriate content-type value for the content being delivered.
Reference http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
CWE Id 345
WASC Id 12
Plugin Id 10019
Informational
Cookie Poisoning
Description
This check looks at user-supplied input in query string parameters and POST data to identify where cookie parameters might be controlled. This is called a cookie poisoning attack, and becomes exploitable when an attacker can manipulate the cookie in various ways. In some cases this will not be exploitable, however, allowing URL parameters to set cookie values is generally considered a bug.
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter clientContext
Attack
Evidence
Other Info An attacker may be able to poison cookie values through URL parameters. Try injecting a semicolon to see if you can add cookie values (e.g. name=controlledValue;name=anotherValue;). This was identified at: https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage User-input was found in the following cookie: ubid-main=134-9805331-2128027; Domain=.amazon.com; Expires=Thu, 05-Dec-2024 13:02:23 GMT; Path=/; Secure The user input was: clientContext=134-9805331-2128027
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter language
Attack
Evidence
Other Info An attacker may be able to poison cookie values through URL parameters. Try injecting a semicolon to see if you can add cookie values (e.g. name=controlledValue;name=anotherValue;). This was identified at: https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1 User-input was found in the following cookie: lc-main=en_US; Domain=.amazon.com; Expires=Thu, 05-Dec-2024 13:02:15 GMT; Path=/; Secure The user input was: language=en_US
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter uxe
Attack
Evidence
Other Info An attacker may be able to poison cookie values through POST parameters. To test if this is a more serious issue, you should try resending that request as a GET, with the POST parameter included as a query string parameter. For example: http://nottrusted.com/page?value=maliciousInput. This was identified at: https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true User-input was found in the following cookie: NID=511=WRXNjR8uYqa33LiFFztn5VvA8uFq6llIzNmzsIHshZyMnC6rI4uryxQTfbydYI2_B83aICvQ_PV-9OK6NRh3YmQHQBmmyIytc8nn9mvxGgPw-TcdVs8B2GkaXgPPNGs7turDQw6UcILfRE2SiBNIiORsklWS3BzDBUzP7YRBQItERz3IcBJIyaGL6vNU; expires=Sun, 05-Jan-2025 05:30:18 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none The user input was: uxe=none
Instances 3
Solution
Do not allow user input to control cookie names and values. If some query string parameters must be set in cookie values, be sure to filter out semicolon's that can serve as name/value pair delimiters.
Reference http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-cookie
CWE Id 20
WASC Id 20
Plugin Id 10029
Informational
Information Disclosure - Sensitive Information in URL
Description
The request appeared to contain sensitive information leaked in the URL. This can violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environment.
URL https://www.amazon.com/kindle-dbs/ku2?passThroughAsin=B09RC2SQ5K&ref_=mbs_ku_lp
Method GET
Parameter passThroughAsin
Attack
Evidence passThroughAsin
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: pass passThroughAsin
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=9nNwZbv_G7KGxc8PguiX8Aw.1701868534315&dpr=2.25&nolsbt=1
Method GET
Parameter authuser
Attack
Evidence authuser
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user authuser
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=enNwZb-BAf6Hxc8Puve3uAM.1701868409775&dpr=2.25&nolsbt=1
Method GET
Parameter authuser
Attack
Evidence authuser
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user authuser
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=IHNwZfq3KfaSxc8P3rOK6A8.1701868320335&dpr=2.25&nolsbt=1
Method GET
Parameter authuser
Attack
Evidence authuser
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user authuser
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=OXRwZaGRF5mTxc8P9LOdoAQ.1701868601291&dpr=2.25&nolsbt=1
Method GET
Parameter authuser
Attack
Evidence authuser
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user authuser
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&im=M&pv=0.4899438790134052&me=10:1701868340931,V,0,0,0,0:4022,V,0,0,826,757:72,h,1,1,i:959,G,1,1,682,590:232,h,1,1,o:6576,h,1,1,i:2592,h,1,1,o:5824,e,U&zx=1701868361208&opi=89978449
Method POST
Parameter pv
Attack
Evidence 0.4899438790134052
Other Info The URL appears to contain credit card information.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&m=HV&pv=0.4899438790134052&me=1:1701868319672,V,0,0,826,757:0,B,757:0,N,1,IHNwZfq3KfaSxc8P3rOK6A8:0,R,1,1,0,0,826,757:1398,x:6814,e,B&zx=1701868327885&opi=89978449
Method POST
Parameter pv
Attack
Evidence 0.4899438790134052
Other Info The URL appears to contain credit card information.
URL https://www.google.com/gen_204?atyp=i&ei=IHNwZfq3KfaSxc8P3rOK6A8&ct=slh&v=t1&pv=0.4899438790134052&me=7:1701868327885,V,0,0,0,0:10232,V,0,0,826,757:2813,e,B&zx=1701868340930&opi=89978449
Method POST
Parameter pv
Attack
Evidence 0.4899438790134052
Other Info The URL appears to contain credit card information.
Instances 8
Solution
Do not pass sensitive information in URIs.
Reference
CWE Id 200
WASC Id 13
Plugin Id 10024
Informational
Information Disclosure - Suspicious Comments
Description
The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 7 times, the first in the element starting with: "wi);wi.prototype.ca=wi.prototype.H;wi.prototype.cb=wi.prototype.Sa;wi.prototype.cc=wi.prototype.Ja;wi.prototype.cd=wi.prototype.", see evidence field for the suspicious comment/snippet.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 7 times, the first in the element starting with: "typeof d.get)for(const f of d.keys())c.set(f,d.get(f));else throw Error("fa`"+String(d));d=Array.from(c.keys()).find(f=>"content", see evidence field for the suspicious comment/snippet.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "Gh=function(a){var b;if((b="A"==a.tagName&&a.hasAttribute("href")||"INPUT"==a.tagName||"TEXTAREA"==a.tagName||"SELECT"==a.tagNam", see evidence field for the suspicious comment/snippet.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence User
Other Info The following pattern was used: \bUSER\b and was detected in the element starting with: "eu=function(a,b,c){const d=b.ae(),e=b.getMetadata();var f=a.o&&!1;f=a.i||f?new _.Ml(new Yt({oh:a.i,hh:f})):new _.Ml;c+=d.getName", see evidence field for the suspicious comment/snippet.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence username
Other Info The following pattern was used: \bUSERNAME\b and was detected 3 times, the first in the element starting with: "var uB=function(a){const b=c=>encodeURIComponent(c).replace(/[!()~']|(%20)/g,d=>({"!":"%21","(":"%28",")":"%29","%20":"+","'":"%", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Db
Other Info The following pattern was used: \bDB\b and was detected 4 times, the first in the element starting with: "_.ub=function(a){var b=arguments.length;if(1==b&&Array.isArray(arguments[0]))return _.ub.apply(null,arguments[0]);for(var c={},d", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "var Sg=function(){this.Pg=window.console};Sg.prototype.log=function(a){this.Pg&&this.Pg.log&&this.Pg.log(a)};Sg.prototype.error=", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "pa("Array.from",function(a){return a?a:function(b,c,d){c=null!=c?c:function(k){return k};var e=[],f="undefined"!=typeof Symbol&&", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected 6 times, the first in the element starting with: "(a[2]&&d?"/":"")));d=function(e){return c(e.replace(/\?/g,"%3F").replace(/#/g,"%23"))};b.query=a[5]?[d(a[5])]:[];b.jj=a[7]?[d(a[", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "var He=function(a){return{valueOf:a}.valueOf()},Je=function(a){return new _.Ie(function(b){return b.substr(0,a.length+1).toLower", see evidence field for the suspicious comment/snippet.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence where
Other Info The following pattern was used: \bWHERE\b and was detected 3 times, the first in the element starting with: "_.g.Jp=function(a){this.T.context=a};var io=function(a,b){a.T._rpcReadyFn=b};eo.prototype.getIframeEl=function(){return this.T.i", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 2 times, the first in the element starting with: "<script> (function(d,k,Q,F){function v(a){x&&x.tag&&x.tag(l(":","aui",a))}function n(a,b){x&&x.count&&x.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> window.ue_ibe = (window.ue_ibe || 0) + 1; if (window.ue_ibe === 1) { (function(e,c){function h(b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(c,g,S,H){function x(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(c,g,S,H){function x(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace("DetailPageMerchByAmazonBrandingViewConfig"));if(_np.g", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace(""));if(_np.guardFatal){_np.guardFatal(f)(_np);}else{f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 2 times, the first in the element starting with: "<script type="a-state" data-a-state="{&quot;key&quot;:&quot;ShareWidgetParams&quot;}">{"image":"https://m.media-amazon.com/image", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> P.when('jQuery').register('count-down-controller-v2', function($) { function countDown() { var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script> window.Gfhz = { pageContext: { deviceType: "desktop", marketplaceId: "ATVPDKIKX0DER", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace("CartInlineFullServerSetting"));if(_np.guardFatal){_np", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script> (function() { 'use strict'; window.Globals = window.Globals || {}; // The ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script> (function(d,g,R,H){function x(a){y&&y.tag&&y.tag(m(":","aui",a))}function p(a,b){y&&y.count&&y.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 4 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence DEBUG
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "<script>!function(){function n(n,t){var r=i(n);return t&&(r=r("instance",t)),r}var r=[],c=0,i=function(t){return function(){var ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "<script type="text/javascript"> ue_csm.ue_unrt = 1500; (function(d,b,t){function u(a,g){var c=a.srcElement||a.target||{},b={k:v,", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">var now = function() { return (Date.now ? Date.now() : new Date().getTime()); }; var throttle = f", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(c,g,S,H){function x(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace("DetailPageMerchByAmazonBrandingViewConfig"));if(_np.g", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 4 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence Bug
Other Info The following pattern was used: \bBUG\b and was detected 3 times, the first in the element starting with: "<script type="a-state" data-a-state="{&quot;key&quot;:&quot;turbo-checkout-page-state&quot;}">{"turboWeblab":"RCX_CHECKOUT_TURBO", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence DB
Other Info The following pattern was used: \bDB\b and was detected in the element starting with: "<script class='json-content' type='application/json'>{"encryptedLazyLoadRenderRequest":"AAAAAAAAAADu7Sel50pT72MiNHrbi3/ORyEAAAAA", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(c,g,S,H){function x(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace("DetailPageMerchByAmazonBrandingViewConfig"));if(_np.g", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 3 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 2 times, the first in the element starting with: "<script nonce="1SaufpWaIgLs8PkE9_Zz1w">(function(){window.google.erd={jsr:1,bv:1915,sd:true,de:true};})();(function(){var sdo=fa", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 2 times, the first in the element starting with: "<script nonce="7zd6r0TDQUIvsSBF2MeQ5w">(function(){window.google.erd={jsr:1,bv:1915,sd:true,de:true};})();(function(){var sdo=fa", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 2 times, the first in the element starting with: "<script nonce="aPzJ0gh9RXJmrJkeLUH1Ig">(function(){window.google.erd={jsr:1,bv:1915,sd:true,de:true};})();(function(){var sdo=fa", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 2 times, the first in the element starting with: "<script nonce="ve1l1k6TFoG5YjsOBmyYPg">(function(){window.google.erd={jsr:1,bv:1915,sd:true,de:true};})();(function(){var sdo=fa", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script nonce="1SaufpWaIgLs8PkE9_Zz1w">(function(){var d=google.c.sxs;(function(){var e=Date.now(),a=d?"load2":"load";if(google.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script nonce="7zd6r0TDQUIvsSBF2MeQ5w">(function(){var d=google.c.sxs;(function(){var e=Date.now(),a=d?"load2":"load";if(google.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script nonce="aPzJ0gh9RXJmrJkeLUH1Ig">(function(){var d=google.c.sxs;(function(){var e=Date.now(),a=d?"load2":"load";if(google.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<script nonce="ve1l1k6TFoG5YjsOBmyYPg">(function(){var d=google.c.sxs;(function(){var e=Date.now(),a=d?"load2":"load";if(google.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 25 times, the first in the element starting with: "_.db=function(a){if("number"!==typeof a)throw zca("int32");if(!Number.isFinite(a))throw zca("int32");return a|0};Ica=function(a)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "_.Ce.set("debug.apply-debug-flags",_.Vn("CgIzTb"));_.Ce.set("debug.refresh-path-quality-metric",_.Vn("U8qUPd"));_.Ce.set("debug.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 40 times, the first in the element starting with: "Xha=function(a){var b=new Set;if(a.stack){a=a.stack.toString().matchAll(/https:\/\/[^:]+/g);a=_.Ma(a);for(var c=a.next();!c.done", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected 8 times, the first in the element starting with: "gDa=google.jl&&google.jl.injt?google.jl.injt:0;hDa=google.jl&&google.jl.injth?google.jl.injth:0;iDa=!(!google.jl||!google.jl.inj", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected 17 times, the first in the element starting with: "_.Dl=function(a){var b;if((b="A"==a.tagName&&a.hasAttribute("href")||"INPUT"==a.tagName||"TEXTAREA"==a.tagName||"SELECT"==a.tagN", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence user
Other Info The following pattern was used: \bUSER\b and was detected 3 times, the first in the element starting with: "a.message||"The request is not allowed by the user agent or the platform in the current context, possibly because the user denie", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEJVgaePY-G0flEHorwhfOA77v9Mw/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433544
Method GET
Parameter
Attack
Evidence username
Other Info The following pattern was used: \bUSERNAME\b and was detected 3 times, the first in the element starting with: "_.Hc=function(a,b){var c=this;b=void 0===b?{}:b;var d=void 0===b.vmb?_.YAa:b.vmb;a=""===a?[]:_.Rl(a);b=a[1]||"";this.protocol=b+", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 25 times, the first in the element starting with: "_.db=function(a){if("number"!==typeof a)throw zca("int32");if(!Number.isFinite(a))throw zca("int32");return a|0};Ica=function(a)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "_.Ce.set("debug.apply-debug-flags",_.Vn("CgIzTb"));_.Ce.set("debug.refresh-path-quality-metric",_.Vn("U8qUPd"));_.Ce.set("debug.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 40 times, the first in the element starting with: "Xha=function(a){var b=new Set;if(a.stack){a=a.stack.toString().matchAll(/https:\/\/[^:]+/g);a=_.Ma(a);for(var c=a.next();!c.done", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected 8 times, the first in the element starting with: "gDa=google.jl&&google.jl.injt?google.jl.injt:0;hDa=google.jl&&google.jl.injth?google.jl.injth:0;iDa=!(!google.jl||!google.jl.inj", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected 17 times, the first in the element starting with: "_.Dl=function(a){var b;if((b="A"==a.tagName&&a.hasAttribute("href")||"INPUT"==a.tagName||"TEXTAREA"==a.tagName||"SELECT"==a.tagN", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence user
Other Info The following pattern was used: \bUSER\b and was detected 3 times, the first in the element starting with: "a.message||"The request is not allowed by the user agent or the platform in the current context, possibly because the user denie", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oEmTEiQXYeJZgGl2a8_tkqFEQ55jA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence username
Other Info The following pattern was used: \bUSERNAME\b and was detected 3 times, the first in the element starting with: "_.Hc=function(a,b){var c=this;b=void 0===b?{}:b;var d=void 0===b.vmb?_.YAa:b.vmb;a=""===a?[]:_.Rl(a);b=a[1]||"";this.protocol=b+", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 25 times, the first in the element starting with: "_.db=function(a){if("number"!==typeof a)throw zca("int32");if(!Number.isFinite(a))throw zca("int32");return a|0};Ica=function(a)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "_.Ce.set("debug.apply-debug-flags",_.Vn("CgIzTb"));_.Ce.set("debug.refresh-path-quality-metric",_.Vn("U8qUPd"));_.Ce.set("debug.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 40 times, the first in the element starting with: "Xha=function(a){var b=new Set;if(a.stack){a=a.stack.toString().matchAll(/https:\/\/[^:]+/g);a=_.Ma(a);for(var c=a.next();!c.done", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected 8 times, the first in the element starting with: "gDa=google.jl&&google.jl.injt?google.jl.injt:0;hDa=google.jl&&google.jl.injth?google.jl.injth:0;iDa=!(!google.jl||!google.jl.inj", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected 17 times, the first in the element starting with: "_.Dl=function(a){var b;if((b="A"==a.tagName&&a.hasAttribute("href")||"INPUT"==a.tagName||"TEXTAREA"==a.tagName||"SELECT"==a.tagN", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence user
Other Info The following pattern was used: \bUSER\b and was detected 3 times, the first in the element starting with: "a.message||"The request is not allowed by the user agent or the platform in the current context, possibly because the user denie", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/ed=1/dg=2/br=1/rs=ACT90oFMCJBBv8dMvIFzUVNfku5jsjMygA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Method GET
Parameter
Attack
Evidence username
Other Info The following pattern was used: \bUSERNAME\b and was detected 3 times, the first in the element starting with: "_.Hc=function(a,b){var c=this;b=void 0===b?{}:b;var d=void 0===b.vmb?_.YAa:b.vmb;a=""===a?[]:_.Rl(a);b=a[1]||"";this.protocol=b+", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 25 times, the first in the element starting with: "_.db=function(a){if("number"!==typeof a)throw zca("int32");if(!Number.isFinite(a))throw zca("int32");return a|0};Ica=function(a)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected in the element starting with: "_.Ce.set("debug.apply-debug-flags",_.Vn("CgIzTb"));_.Ce.set("debug.refresh-path-quality-metric",_.Vn("U8qUPd"));_.Ce.set("debug.", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 42 times, the first in the element starting with: "Xha=function(a){var b=new Set;if(a.stack){a=a.stack.toString().matchAll(/https:\/\/[^:]+/g);a=_.Ma(a);for(var c=a.next();!c.done", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected 8 times, the first in the element starting with: "gDa=google.jl&&google.jl.injt?google.jl.injt:0;hDa=google.jl&&google.jl.injth?google.jl.injth:0;iDa=!(!google.jl||!google.jl.inj", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence SELECT
Other Info The following pattern was used: \bSELECT\b and was detected 17 times, the first in the element starting with: "_.Dl=function(a){var b;if((b="A"==a.tagName&&a.hasAttribute("href")||"INPUT"==a.tagName||"TEXTAREA"==a.tagName||"SELECT"==a.tagN", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence user
Other Info The following pattern was used: \bUSER\b and was detected 3 times, the first in the element starting with: "a.message||"The request is not allowed by the user agent or the platform in the current context, possibly because the user denie", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/ed=1/dg=2/br=1/rs=ACT90oGNGUB9sNkl5kGnbtQ_H5ePLinFTg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOxcK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl?cb=72433548
Method GET
Parameter
Attack
Evidence username
Other Info The following pattern was used: \bUSERNAME\b and was detected 3 times, the first in the element starting with: "_.Hc=function(a,b){var c=this;b=void 0===b?{}:b;var d=void 0===b.vmb?_.YAa:b.vmb;a=""===a?[]:_.Rl(a);b=a[1]||"";this.protocol=b+", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433544&xjs=s1
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 5 times, the first in the element starting with: "var TTb=function(a,b){_.Ux.Qi=b.ei;var c=new qTb;c.oa=!!b.du;c.ka=!!b.dv;c.Ca=!!b.db;var d=Number(b.mmcnt);isFinite(d)&&(c.ta=d)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433544&xjs=s1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 21 times, the first in the element starting with: "b+"): "+OHh(a,c)+(d?" "+d:"")})},QHh=function(a,b){a.info(function(){return"TIMEOUT: "+b})};LHh.prototype.debug=function(){};LHh", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433544&xjs=s1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 12 times, the first in the element starting with: "_F_installCss(".jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:in", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oExGMWSwJZ5hlih1q0pMg8V5q7_nw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433544&xjs=s1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "ow.set("searchResultSelect",_.Vn("aFgeo"));ow.set("seating_class_selected",_.Vn("VTonCc"));ow.set("see_full_definition",_.Vn("Le", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 5 times, the first in the element starting with: "var TTb=function(a,b){_.Ux.Qi=b.ei;var c=new qTb;c.oa=!!b.du;c.ka=!!b.dv;c.Ca=!!b.db;var d=Number(b.mmcnt);isFinite(d)&&(c.ta=d)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 21 times, the first in the element starting with: "b+"): "+OHh(a,c)+(d?" "+d:"")})},QHh=function(a,b){a.info(function(){return"TIMEOUT: "+b})};LHh.prototype.debug=function(){};LHh", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 12 times, the first in the element starting with: "_F_installCss(".jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:in", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFaF6WDhb9sRF746o8vSZG_fgCsAw/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "ow.set("searchResultSelect",_.Vn("aFgeo"));ow.set("seating_class_selected",_.Vn("VTonCc"));ow.set("see_full_definition",_.Vn("Le", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 5 times, the first in the element starting with: "var TTb=function(a,b){_.Ux.Qi=b.ei;var c=new qTb;c.oa=!!b.du;c.ka=!!b.dv;c.Ca=!!b.db;var d=Number(b.mmcnt);isFinite(d)&&(c.ta=d)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 21 times, the first in the element starting with: "b+"): "+OHh(a,c)+(d?" "+d:"")})},QHh=function(a,b){a.info(function(){return"TIMEOUT: "+b})};LHh.prototype.debug=function(){};LHh", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 12 times, the first in the element starting with: "_F_installCss(".jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:in", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oGTv4maRz6kJKV9z1fTfSIWZDzcxg/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "ow.set("searchResultSelect",_.Vn("aFgeo"));ow.set("seating_class_selected",_.Vn("VTonCc"));ow.set("see_full_definition",_.Vn("Le", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433548&xjs=s1
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 5 times, the first in the element starting with: "var TTb=function(a,b){_.Ux.Qi=b.ei;var c=new qTb;c.oa=!!b.du;c.ka=!!b.dv;c.Ca=!!b.db;var d=Number(b.mmcnt);isFinite(d)&&(c.ta=d)", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433548&xjs=s1
Method GET
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 21 times, the first in the element starting with: "b+"): "+OHh(a,c)+(d?" "+d:"")})},QHh=function(a,b){a.info(function(){return"TIMEOUT: "+b})};LHh.prototype.debug=function(){};LHh", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433548&xjs=s1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 12 times, the first in the element starting with: "_F_installCss(".jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:in", see evidence field for the suspicious comment/snippet.
URL https://www.google.com/xjs/_/js/k=xjs.hd.en.XZqIZ5oTr0A.O/ck=xjs.hd.NT53HHdsy6U.L.W.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oHSInv_h1FKHQ6rTHtUzOuVvNaDrQ/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;KOxcK:bFOvTc;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?cb=72433548&xjs=s1
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "ow.set("searchResultSelect",_.Vn("aFgeo"));ow.set("seating_class_selected",_.Vn("VTonCc"));ow.set("see_full_definition",_.Vn("Le", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function w(a){z&&z.tag&&z.tag(l(":","aui",a))}function p(a,b){z&&z.count&&z.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence later
Other Info The following pattern was used: \bLATER\b and was detected in the element starting with: "<script type="text/javascript">(function(f) {var _np=(window.P._namespace("CartInlineFullServerSetting"));if(_np.guardFatal){_np", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence debug
Other Info The following pattern was used: \bDEBUG\b and was detected 3 times, the first in the element starting with: "<script> (function(d,f,R,H){function x(a){A&&A.tag&&A.tag(k(":","aui",a))}function n(a,b){A&&A.count&&A.count("aui:"+a,0===b?0:b", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected 2 times, the first in the element starting with: "<script type='text/javascript'> <!-- window.$Nav && $Nav.when("data").run(function(data) { data({"freshTimeout":{"t", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence TODO
Other Info The following pattern was used: \bTODO\b and was detected in the element starting with: "<script type='text/javascript'> (function() { var viewportWidth = function() { return window.innerWidth || document.", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 2 times, the first in the element starting with: "<!-- Append onload function to stretch image on load to avoid flicker when transitioning from low res image from Mason to large ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 2 times, the first in the element starting with: "<!-- Append onload function to stretch image on load to avoid flicker when transitioning from low res image from Mason to large ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 3 times, the first in the element starting with: "<!-- Append onload function to stretch image on load to avoid flicker when transitioning from low res image from Mason to large ", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<!--used to resolve fatals from AmazonHttpSession, see https://sage.amazon.com/posts/286150 -->", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected in the element starting with: "<!--used to resolve fatals from AmazonHttpSession, see https://sage.amazon.com/posts/286150 -->", see evidence field for the suspicious comment/snippet.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence from
Other Info The following pattern was used: \bFROM\b and was detected 2 times, the first in the element starting with: "<!-- Append onload function to stretch image on load to avoid flicker when transitioning from low res image from Mason to large ", see evidence field for the suspicious comment/snippet.
Instances 927
Solution
Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference
CWE Id 200
WASC Id 13
Plugin Id 10027
Informational
Loosely Scoped Cookie
Description
Cookies can be scoped by domain or path. This check is only concerned with domain scope.The domain scope applied to a cookie determines which domains can access it. For example, a cookie can be scoped strictly to a subdomain e.g. www.nottrusted.com, or loosely scoped to a parent domain e.g. nottrusted.com. In the latter case, any subdomain of nottrusted.com can access the cookie. Loosely scoped cookies are common in mega-applications like google.com and live.com. Cookies set from a subdomain like app.foo.bar are transmitted only to that domain by the browser. However, cookies scoped to a parent-level domain may be transmitted to the parent, or any subdomain of the parent.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587740l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587738l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587768l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587771l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587770l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587769l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587744l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587767l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2332587737l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587743l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587735l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 lc-main=en_US
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587736l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587750l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587731l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587738l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587738l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587741l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587743l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587768l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587770l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587768l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587732l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587735l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587748l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587748l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ap-fid="" session-id=147-4280155-9611859 session-id-time=2332587748l ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=132-3165371-6872408
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=130-7402554-6248927
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=136-8493707-0325261
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=145-5865731-3714800
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=133-2937416-4658224 session-id-time=2082787201l session-id=135-6545954-1713505
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=136-9209887-2993654 session-id-time=2082787201l i18n-prefs=USD sp-cdn=L5Z9:BG
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=133-2937416-4658224 session-id-time=2082787201l session-id=135-6545954-1713505
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=136-4449078-1591120
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2082787201l
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=133-2937416-4658224 session-id-time=2082787201l session-id=135-6545954-1713505
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=132-9215383-9956466
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=132-5887336-4284607 session-id-time=2082787201l session-id=133-6770847-5623124
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=133-2937416-4658224 session-id-time=2082787201l session-id=135-6545954-1713505
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=133-6770847-5623124
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=132-7018169-2799420
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id-time=2082787201l session-id=135-6545954-1713505
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859 session-token=ITSAedEY8zLSTXQyxN+EkZNhYU4LpCiuMxZYzGXCQvEjtslt533TSKE1r/dY27mQp07Pb+/pz55EkMBYR9G6c+rHZHSYaM/dGFOC2MKSKUXY/sc+xfVlpU5xPXIYv80T/XXM2vOf3g6ClJ6aofDZKLhqQ6BfyiusrA3aEHLGFro8aLnGx0tWVpqg6rDtIIxQgdBkZNK6xITecHVMcxMC1c5rkNMGxcD7G4ovnqbjg8uy3uDwPNgqTP0e5nCmq8OkwFRvytHgSg3PrhB9hxWmWFv3Ih1t2hEziFGxrrn+AdP4GngDZLgGPDI8TSWJU32uF8DI6PyURek9edCcW6ZDpEtn7/K1zKU1
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=133-2937416-4658224
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2082787201l session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 session-id-time=2082787201l session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com ubid-main=134-9805331-2128027 session-id-time=2082787201l session-id=147-4280155-9611859
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com AEC=Ackid1QnLOJ1JEXoiZ3V3pMfv2Rf_kBbxo2LZkMbq0M2jIGc7yUxfW9KoEo __Secure-ENID=16.SE=r9sQFMoD3tZtpm9NUUXjo6wIWM6sU2J2hJeCgWjL-YxHKQIMygJsNhKCyM2xfhy6aurcVGqH8Roj1cDr_gybMzLw-rZjHgFKBXZBw7TKHAbMNEpzPWRIq431zpCQpxKy8WLUW12IoPfUCj0z2AF_5O2_HN4JD-99VxtZiPPq4VE CONSENT=PENDING+749
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com AEC=Ackid1SDNUOYi1S1W2xp3LUpZjyPTcXt2zAk4mx9HfGvn223l_910oUD1fI __Secure-ENID=16.SE=u6g2Igiy9eOanbsxYDniHNlPCPlYETNDNh0dqLRIvqmol6GHGhoTzzF9Dsmek6kjaLwrDX2XudS8vW9o3eBNepCp-8i9ZzbAyG9YAy4f0OjzAmFHblnwxmgNEFp6nEUzElcRk56FlOd0zCbU8pMty4sfEPxyf3dJEekPp_ZTF54 CONSENT=PENDING+172
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com AEC=Ackid1Seb2bV26xMxx3fbwu1YPzevChA44cBaUlPivw78_6jvSTQavp_Bw __Secure-ENID=16.SE=knmx-d6YsQWKLUclBOv3foXMdABzZHO9epCo4xhtP7acpqb1m8fuTZH9ybTytVjGPoEmRSY8MVtjMaEabLjJrx5puwUfFs5qza11UHJjRXjnPPPRRxoLNd0uJSW5bBa-OYDbSAG55bF-yyR293QiADECble3zJ26kfnsX2Cbrt0 CONSENT=PENDING+813
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com AEC=Ackid1TQXh5mfxEjybeXiuyD-PtodkRHsROmljsWwKiLvOWukM2qS1Lue6E __Secure-ENID=16.SE=JEhClBETtkU0oBdIyDcRBljs6i4ROdvxmGAaUnexOlFsoc4dM2tE2a-K2ZwMZbxW4fOIdCNymEqw5kH_nnLTk4YlcvaQo28mKMd2M-y6s2eKmTzPyDruHoKiLDIe47-NgUi-RWT7EG6T14igxzPjuu9BX9kQIiFvfEMSkRuXliE CONSENT=PENDING+698
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com __Secure-ENID=16.SE=BfptuzASiJ52VtO4glBuRdZ-3IUVJqoVRqB7PLaB6MMFYSB07aZQQj4D6oOXRGsV7v40Jd4voC6qPJHugE3Mh99pW0ooZX3poH0Nwm7pBaQ7v-RO-gloOeSLdGLkld3XoVDpRCwcVFVU6hbTGiaOjiAEKQK7MvAsvaVpGU_X5newAHcoqlgmcEknHAHaoV8
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com __Secure-ENID=16.SE=IBgXpmy9HoUh6i-PfsNOsOuM_UxREkicyzsSXmPAJjSMQC30azy9wTXtLV-_THewxCWEVahaaPDcxuILiiMjF0d3YCyNHSF9z5BNL6HAL-slW_1O1Ela1lfZtJlHOyQYRhOiZt7XBxgsKC9ebF7j66wvg3vZh3APo8wflA774lGRLtk9zw3vTl54hvcYuKTI
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com __Secure-ENID=16.SE=KkKILj-VDPB7VyW3jbgDdyOzjGjgSGZakV_peBB1-b5N2T3-MkIDoUBm3J3YMo7L6LRxN5YUMeQgEva4PuAGyQSWxMmRtN6UV2XGzFGZ9KXm3luWdyAu4G3g--7fo_HD7ukQw1N6xNUaAkDv1dtny1CXVgnYKk51DVZUXplXTPTahk4p3u05NLbqdCaiu-4_
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com __Secure-ENID=16.SE=YHdrjhl60LnJLG_qLWfZMcVvkgtmpsWkTGesHOMk4oKpe_gL6xYOBgVjnmUWu5GtQpH4mT4ACo68SgRbuAT0N3-_9_8MswsVLuuduorLEz9ITolmiwi5YV-I58jV1Fx671i80SLpN1FiKy1vLuVvGltwVOh7qcVGMNHlgb6SBd69LGn_fm6Nh1tcOtRcj4GU
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com NID=511=dK2efYIbCaYwxbjc9-bVsfFFOU0EgDpExx4d70NN60T-vBrzzgoLq_IMsokBe6A30ueUjWS51sM2oSUyvbe4UbGc-rdeisjKuyUq5LuC87l48gwr1YjoE93nASBCKvvAntyUfn0abo6_52MiXbOObOxd8I3TM8BWHj0iyugvpB14HXsdkDB_rFfQrA8N __Secure-ENID=delete
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: consent.google.com SOCS=CAISHAgBEhJnd3NfMjAyMzEyMDQtMF9SQzEaAmVuIAEaBgiA876rBg NID=511=WRXNjR8uYqa33LiFFztn5VvA8uFq6llIzNmzsIHshZyMnC6rI4uryxQTfbydYI2_B83aICvQ_PV-9OK6NRh3YmQHQBmmyIytc8nn9mvxGgPw-TcdVs8B2GkaXgPPNGs7turDQw6UcILfRE2SiBNIiORsklWS3BzDBUzP7YRBQItERz3IcBJIyaGL6vNU __Secure-ENID=delete
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.amazon.com session-id=147-4280155-9611859 ubid-main=134-9805331-2128027 session-token=PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2 session-id-time=2082787201l i18n-prefs=USD lc-main=en_US
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com NID=511=gcCxUiCPY7mP7_ARr0Gm45Xn41mKT0fDSqYL5fB6jdL1sO19SCplDoZAIrOarQzfLT2LS8s7yx9tIwMu5jIgeR289DiXBv_4k5EE_bru0p1ro-2JrCulF1wt_pwNfG-cLjmvEPUrgw_D4A1OnXFRgO1YGumowkoErPbx3eqxt87fhmuniJtIg4wVKvKQ __Secure-ENID=delete
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter
Attack
Evidence
Other Info The origin domain used for comparison was: www.google.com NID=511=mo_7nia26F_lUgt6Wcc---u0WBntB5BIV8Des-Bu77zuVKW5A1c0-MZqIa8ex0GydFY-m2qlViaPl1pxxwYG9Rs8rJ4BNKz2mKKGxcHrG5Hsy4f3Ih9f73vZ4ssmRo577iLvJAY1nXBfRlM5dhwX8pFbldmjvs0BsUMQONHzh29kIHacV3wXDBUYSiM0 __Secure-ENID=delete
Instances 204
Solution
Always scope cookies to a FQDN (Fully Qualified Domain Name).
Reference https://tools.ietf.org/html/rfc6265#section-4.1
https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes.html
http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies
CWE Id 565
WASC Id 15
Plugin Id 90033
Informational
Modern Web Application
Description
The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.
URL https://www.amazon.com/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=GF0YXBRSXKKY8EVM9VW2&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:GF0YXBRSXKKY8EVM9VW2$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DGF0YXBRSXKKY8EVM9VW2%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=7VW03D6FYN96KHTRYSXQ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:7VW03D6FYN96KHTRYSXQ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D7VW03D6FYN96KHTRYSXQ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/-/en$
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/-/es/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/-/he$
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/-/he/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/amazonprime
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:GBZG2YT69PGNWTEE25WW$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DGBZG2YT69PGNWTEE25WW:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:SYPDNNEH72DTKG8V3DKK$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DSYPDNNEH72DTKG8V3DKK:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:78S0ZXHWREVHTW360KEH$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D78S0ZXHWREVHTW360KEH:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:26SSVSDE7DM7JC6D30T0$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D26SSVSDE7DM7JC6D30T0:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QRRPVP00MGVFGA6JDGRZ$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DQRRPVP00MGVFGA6JDGRZ:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:W3FYQ7P1NPWATQEFNP9T$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DW3FYQ7P1NPWATQEFNP9T:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4R9TRPWZGXE25VZHHXC3$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D4R9TRPWZGXE25VZHHXC3:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4AAH4QACFT9B28TAYRA0$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D4AAH4QACFT9B28TAYRA0:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:Z6FQ4MRJQK91125NBRC1$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DZ6FQ4MRJQK91125NBRC1:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_newcust
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin/ref=cart_empty_sign_in?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcart%3Fapp-nav-type%3Dnone%26dc%3Ddf
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:Q699XA2PY2XVDXYA05F7$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DQ699XA2PY2XVDXYA05F7:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter
Attack
Evidence <a id="remember_me_learn_more_link" class="a-link-normal" href="#"> Details </a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_psr_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fspr%2Freturns%2Fhomepage%2Fhomepage.html%3Fref_%3Dfooter_hy_f_4
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_subscribe_save_myd_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fauto-deliveries%2Fviewsubscriptions%3Fref_%3Dnav_AccountFlyout_sns
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:6M299B15R919TATVY4AW$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D6M299B15R919TATVY4AW:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_wishlist_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fls&pageId=Amazon
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:ZPJVAW6CVQVXGXY59DP3$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DZPJVAW6CVQVXGXY59DP3:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QRG01WGPNN183V6SSEWH$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DQRG01WGPNN183V6SSEWH:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:GRNRKB7A5FGS3WTV9C97$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DGRNRKB7A5FGS3WTV9C97:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:7DCX2FEWJS022JJERTVE$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D7DCX2FEWJS022JJERTVE:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:VXJ35DCQH2PQ0WSEACHK$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DVXJ35DCQH2PQ0WSEACHK:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QNSX5J6MG4RG5HS0DG83$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DQNSX5J6MG4RG5HS0DG83:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:V3RGQ56X1DEKDY563MX1$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DV3RGQ56X1DEKDY563MX1:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:13TN80SX064C4N1MM22V$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D13TN80SX064C4N1MM22V:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:NHGSKYRSTT3YT3ZB2SGR$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DNHGSKYRSTT3YT3ZB2SGR:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:72ENP9Y3V2BHE42BHHMS$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D72ENP9Y3V2BHE42BHHMS:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2RNPX10DC5FKAJESZFYT$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3D2RNPX10DC5FKAJESZFYT:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:XV1PGFNJ82K99Q61PSDV$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DXV1PGFNJ82K99Q61PSDV:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:C37V7XDVZSY8V4987M2E$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DC37V7XDVZSY8V4987M2E:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <noscript> <img height="1" width="1" style='display:none;visibility:hidden;' src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:N55VW18HV86Q9AWARXG6$uedata=s:%2Fap%2Fuedata%3Fnoscript%26id%3DN55VW18HV86Q9AWARXG6:0' alt=""/> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_ya_signin
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0XduUglPDjNSMjsxubrj3Q%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=4CRscPzyeHD5oPwdd4g72g%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VBA%2FWqJZtFSpIx8jQO%2B2TQ%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/events/deals
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=N0PZ8PAZXT57M77NWZ0W&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:N0PZ8PAZXT57M77NWZ0W$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DN0PZ8PAZXT57M77NWZ0W%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=8AWNTQHXXRFRRYW07G95&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:8AWNTQHXXRFRRYW07G95$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D8AWNTQHXXRFRRYW07G95%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=AXHEA1Z518XCTMPWCANV&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:AXHEA1Z518XCTMPWCANV$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DAXHEA1Z518XCTMPWCANV%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=ZTYQNNF8MD0NHQNNC1N2&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:ZTYQNNF8MD0NHQNNC1N2$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DZTYQNNF8MD0NHQNNC1N2%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=6RX4SBMC9ZS7WQ5SYCKQ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:6RX4SBMC9ZS7WQ5SYCKQ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D6RX4SBMC9ZS7WQ5SYCKQ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KVWW9GMJTDCK71F9HMZ9&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KVWW9GMJTDCK71F9HMZ9$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKVWW9GMJTDCK71F9HMZ9%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=SKHNJ34FJWX3JGMAK85X&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:SKHNJ34FJWX3JGMAK85X$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DSKHNJ34FJWX3JGMAK85X%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=PK06TDEY641SJG7FE64S&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:PK06TDEY641SJG7FE64S$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DPK06TDEY641SJG7FE64S%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=33B6CS1RJ2S4C0ZNSWR0&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:33B6CS1RJ2S4C0ZNSWR0$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D33B6CS1RJ2S4C0ZNSWR0%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=MJVSJDRB5BGMWNAE4AW9&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:MJVSJDRB5BGMWNAE4AW9$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DMJVSJDRB5BGMWNAE4AW9%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=02F1B042JRW6MG16TCJV&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:02F1B042JRW6MG16TCJV$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D02F1B042JRW6MG16TCJV%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=1Z3VXBPNK2C81GBG4KT6&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:1Z3VXBPNK2C81GBG4KT6$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D1Z3VXBPNK2C81GBG4KT6%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=50DKET0G21GFTX5NR4HJ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:50DKET0G21GFTX5NR4HJ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D50DKET0G21GFTX5NR4HJ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=MNENB3WDK2Y4H6FJD1CE&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:135-6545954-1713505:MNENB3WDK2Y4H6FJD1CE$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DMNENB3WDK2Y4H6FJD1CE%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=PEVE67BRDBXT5JKJYDWN&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:PEVE67BRDBXT5JKJYDWN$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DPEVE67BRDBXT5JKJYDWN%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KAHRR4AF1M5C6ZHNJYNK&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KAHRR4AF1M5C6ZHNJYNK$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKAHRR4AF1M5C6ZHNJYNK%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=Y89KQTWG7TTMZWKA1H1C&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:Y89KQTWG7TTMZWKA1H1C$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DY89KQTWG7TTMZWKA1H1C%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=BYWEH3FEAN0MXRW0A2R9&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:BYWEH3FEAN0MXRW0A2R9$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DBYWEH3FEAN0MXRW0A2R9%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=88DDJH73759FVXCK962B&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:88DDJH73759FVXCK962B$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D88DDJH73759FVXCK962B%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=WCE9CN4FM6BC9SZ3RTEN&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:135-6545954-1713505:WCE9CN4FM6BC9SZ3RTEN$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DWCE9CN4FM6BC9SZ3RTEN%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=CRNHYFDCMGYA1WW18A44&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:CRNHYFDCMGYA1WW18A44$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DCRNHYFDCMGYA1WW18A44%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=FV0VT2JMA1B9H546470B&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:FV0VT2JMA1B9H546470B$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DFV0VT2JMA1B9H546470B%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=PGTVT802A57S10DYE27W&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:PGTVT802A57S10DYE27W$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DPGTVT802A57S10DYE27W%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/cart
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KJY7W7FWHMNM0TZC9RWZ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:136-4449078-1591120:KJY7W7FWHMNM0TZC9RWZ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKJY7W7FWHMNM0TZC9RWZ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=Y2ZM93K5DW0N6ZJQ4SF5&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:Y2ZM93K5DW0N6ZJQ4SF5$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DY2ZM93K5DW0N6ZJQ4SF5%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=MB4WTVRG84R5KX039MBX&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:MB4WTVRG84R5KX039MBX$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DMB4WTVRG84R5KX039MBX%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=FDEXC2V6QKZ6AZXYFVW7&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:FDEXC2V6QKZ6AZXYFVW7$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DFDEXC2V6QKZ6AZXYFVW7%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2WA225SQWKZHGQAXVJHT&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2WA225SQWKZHGQAXVJHT$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2WA225SQWKZHGQAXVJHT%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=06SA5AXGQHF5EJ4AFTAB&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:06SA5AXGQHF5EJ4AFTAB$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D06SA5AXGQHF5EJ4AFTAB%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cart/view.html?ref_=nav_err_ewc_timeout
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=3BV9FT1ZXFER89W1RJHY&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:3BV9FT1ZXFER89W1RJHY$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D3BV9FT1ZXFER89W1RJHY%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/content-form
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=AGT0JAK5TBDYNBDQJ39W&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:AGT0JAK5TBDYNBDQJ39W$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DAGT0JAK5TBDYNBDQJ39W%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=4AHC6Q7NA500NAKMNT6Y&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4AHC6Q7NA500NAKMNT6Y$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D4AHC6Q7NA500NAKMNT6Y%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2KSNA3E6CZNB2Y0SYHF7&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2KSNA3E6CZNB2Y0SYHF7$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2KSNA3E6CZNB2Y0SYHF7%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=H3XW4KDZACDMWY3XMYA1&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:H3XW4KDZACDMWY3XMYA1$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DH3XW4KDZACDMWY3XMYA1%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=07BWCF2G9BFS2WAT7DYY&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:07BWCF2G9BFS2WAT7DYY$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D07BWCF2G9BFS2WAT7DYY%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=FRYHHF0B3Y4WV5Z3P88V&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:FRYHHF0B3Y4WV5Z3P88V$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DFRYHHF0B3Y4WV5Z3P88V%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=CKJSQA0WR4N6JQF3BQC8&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:CKJSQA0WR4N6JQF3BQC8$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DCKJSQA0WR4N6JQF3BQC8%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=8FVD3S6256SP1JSY6JDZ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:8FVD3S6256SP1JSY6JDZ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D8FVD3S6256SP1JSY6JDZ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=HYSFJFR7B31V19QV0PBT&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:HYSFJFR7B31V19QV0PBT$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DHYSFJFR7B31V19QV0PBT%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=7P69HHY1REMXVDZ2HJ3J&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:7P69HHY1REMXVDZ2HJ3J$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D7P69HHY1REMXVDZ2HJ3J%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=DMW032KW515C537ZNAVB&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:DMW032KW515C537ZNAVB$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DDMW032KW515C537ZNAVB%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=EF7REY7J3CGVWSDGQMBD&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:EF7REY7J3CGVWSDGQMBD$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DEF7REY7J3CGVWSDGQMBD%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=43D8FKDQZ91QCMAJJ2F6&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:43D8FKDQZ91QCMAJJ2F6$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D43D8FKDQZ91QCMAJJ2F6%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=PGS7PWT5NBRKWM4KZNZB&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:135-6545954-1713505:PGS7PWT5NBRKWM4KZNZB$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DPGS7PWT5NBRKWM4KZNZB%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=AEVJC6QQ8HD6PNZ0MKGK&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:AEVJC6QQ8HD6PNZ0MKGK$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DAEVJC6QQ8HD6PNZ0MKGK%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=CNFYGVMZS6MD1WF77C0R&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:CNFYGVMZS6MD1WF77C0R$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DCNFYGVMZS6MD1WF77C0R%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=P3M0DN7FPSK8A237KGYA&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:P3M0DN7FPSK8A237KGYA$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DP3M0DN7FPSK8A237KGYA%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2M38KZXKCSH2YTCTDW5T&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2M38KZXKCSH2YTCTDW5T$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2M38KZXKCSH2YTCTDW5T%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/flex
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=D0FEJ28H4AJHCT84SS1G&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:132-9215383-9956466:D0FEJ28H4AJHCT84SS1G$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DD0FEJ28H4AJHCT84SS1G%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2843QW1YGK2ADQB0BDWH&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2843QW1YGK2ADQB0BDWH$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2843QW1YGK2ADQB0BDWH%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=HMW8T12R252DDRD2PX7Z&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:HMW8T12R252DDRD2PX7Z$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DHMW8T12R252DDRD2PX7Z%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=K7Q6WS07R6PS66NNMPB5&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:K7Q6WS07R6PS66NNMPB5$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DK7Q6WS07R6PS66NNMPB5%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=DQSRAAGYWSQ6Z11PF3T5&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:DQSRAAGYWSQ6Z11PF3T5$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DDQSRAAGYWSQ6Z11PF3T5%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/gfix
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=B0B9CXR6S6CNT6450E3X&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:133-6770847-5623124:B0B9CXR6S6CNT6450E3X$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DB0B9CXR6S6CNT6450E3X%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=HG3GBHYC8EH0CQCPE3M5&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:HG3GBHYC8EH0CQCPE3M5$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DHG3GBHYC8EH0CQCPE3M5%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=Q5G901NQ1MC6Z57DME8P&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:Q5G901NQ1MC6Z57DME8P$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DQ5G901NQ1MC6Z57DME8P%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2QN51WM6363YACC173X2&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2QN51WM6363YACC173X2$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2QN51WM6363YACC173X2%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/history
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=YF4AE1FF6DHZ9A5BHS6W&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:135-6545954-1713505:YF4AE1FF6DHZ9A5BHS6W$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DYF4AE1FF6DHZ9A5BHS6W%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=A4TD8T65MA3AN2GRRG46&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:A4TD8T65MA3AN2GRRG46$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DA4TD8T65MA3AN2GRRG46%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=28C41J0X5ATV52HQ161D&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:28C41J0X5ATV52HQ161D$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D28C41J0X5ATV52HQ161D%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=9AX29VYD3H5SBK7CF99K&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:9AX29VYD3H5SBK7CF99K$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D9AX29VYD3H5SBK7CF99K%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=W6TQDJBMNBB66VHTNH78&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:W6TQDJBMNBB66VHTNH78$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DW6TQDJBMNBB66VHTNH78%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=1EFYFGZT8YXYSPXN15E5&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:1EFYFGZT8YXYSPXN15E5$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D1EFYFGZT8YXYSPXN15E5%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KRA1T1Z92P0PE6WWCTV4&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KRA1T1Z92P0PE6WWCTV4$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKRA1T1Z92P0PE6WWCTV4%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=57CNZ33807Z2NF10ZF6F&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:57CNZ33807Z2NF10ZF6F$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D57CNZ33807Z2NF10ZF6F%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=7GW14SP04JQH5ABK7QYV&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:7GW14SP04JQH5ABK7QYV$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D7GW14SP04JQH5ABK7QYV%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=VD1K5XK101T25S4FGHX4&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:VD1K5XK101T25S4FGHX4$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DVD1K5XK101T25S4FGHX4%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=C50HD6Q541VK4VFESD9T&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:C50HD6Q541VK4VFESD9T$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DC50HD6Q541VK4VFESD9T%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=1WFHBDDCG810GF5YK07X&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:1WFHBDDCG810GF5YK07X$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D1WFHBDDCG810GF5YK07X%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=ADP01PVYNHX665SG5GZ8&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:ADP01PVYNHX665SG5GZ8$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DADP01PVYNHX665SG5GZ8%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=P7WR7742GJXS34V08QQF&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:P7WR7742GJXS34V08QQF$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DP7WR7742GJXS34V08QQF%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=4V37TFZ4BS0VAPPHY0HJ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4V37TFZ4BS0VAPPHY0HJ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D4V37TFZ4BS0VAPPHY0HJ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KZ5Z48CAPGPG8VX17QHD&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KZ5Z48CAPGPG8VX17QHD$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKZ5Z48CAPGPG8VX17QHD%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=BS5SJ8PVE3269A2WVS4Z&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:BS5SJ8PVE3269A2WVS4Z$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DBS5SJ8PVE3269A2WVS4Z%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=S257MZE0YP0YVBTACJWA&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:S257MZE0YP0YVBTACJWA$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DS257MZE0YP0YVBTACJWA%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=0TSXQG69TABS9N2MN4BS&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:0TSXQG69TABS9N2MN4BS$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D0TSXQG69TABS9N2MN4BS%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=EKZMH77N5KH9EMJFS91N&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:EKZMH77N5KH9EMJFS91N$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DEKZMH77N5KH9EMJFS91N%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/reader
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=GSV6C79C01MVD6RE6E38&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:133-6770847-5623124:GSV6C79C01MVD6RE6E38$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DGSV6C79C01MVD6RE6E38%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=F2703RBKPXCGBA963E2F&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:F2703RBKPXCGBA963E2F$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DF2703RBKPXCGBA963E2F%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=QWZRXD92MJDRK92N74C2&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QWZRXD92MJDRK92N74C2$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DQWZRXD92MJDRK92N74C2%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=YWHMA1DQEF1CC76WEQPB&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:YWHMA1DQEF1CC76WEQPB$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DYWHMA1DQEF1CC76WEQPB%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KTSSXN5Y7FTWMK2169MS&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KTSSXN5Y7FTWMK2169MS$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKTSSXN5Y7FTWMK2169MS%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=JS17FZBAF6JNZXRBBS03&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:JS17FZBAF6JNZXRBBS03$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DJS17FZBAF6JNZXRBBS03%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=6BDT2114JQRFTTBQGRDH&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:6BDT2114JQRFTTBQGRDH$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D6BDT2114JQRFTTBQGRDH%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=QQTRCE7CZH7MCKWG1J0C&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QQTRCE7CZH7MCKWG1J0C$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DQQTRCE7CZH7MCKWG1J0C%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter
Attack
Evidence <script>var aPageStart = (new Date()).getTime();</script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=5RMFKRFX7A2ZFB2NWQYD&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:5RMFKRFX7A2ZFB2NWQYD$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D5RMFKRFX7A2ZFB2NWQYD%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=FJ93S7C0CB3V67HS111G&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:FJ93S7C0CB3V67HS111G$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DFJ93S7C0CB3V67HS111G%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=ZCP1JXMRFEJTR0G849ZG&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:ZCP1JXMRFEJTR0G849ZG$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DZCP1JXMRFEJTR0G849ZG%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=3JTTRPP451H4B7V2GWJK&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:3JTTRPP451H4B7V2GWJK$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D3JTTRPP451H4B7V2GWJK%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=4QQD9QRNB4G6WYQCJWTK&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4QQD9QRNB4G6WYQCJWTK$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D4QQD9QRNB4G6WYQCJWTK%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=WW8RT5GXNKVA1D98TFBJ&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:WW8RT5GXNKVA1D98TFBJ$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DWW8RT5GXNKVA1D98TFBJ%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=BQFYC9E8TVPX47RAEW8K&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:BQFYC9E8TVPX47RAEW8K$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DBQFYC9E8TVPX47RAEW8K%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=R64GX02ZDJWMRRBX47QA&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:R64GX02ZDJWMRRBX47QA$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DR64GX02ZDJWMRRBX47QA%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=HGEM81S0CH0XRD441JF0&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:HGEM81S0CH0XRD441JF0$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DHGEM81S0CH0XRD441JF0%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=GVYS3XPQAMEVJRSD6KB6&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:GVYS3XPQAMEVJRSD6KB6$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DGVYS3XPQAMEVJRSD6KB6%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=6PE92FT3QPKW177SFKDA&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:132-7018169-2799420:6PE92FT3QPKW177SFKDA$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D6PE92FT3QPKW177SFKDA%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KPYV6TB3JED07RV34N9D&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KPYV6TB3JED07RV34N9D$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKPYV6TB3JED07RV34N9D%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=R8XNM7E4NW0CK8W103VM&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:135-6545954-1713505:R8XNM7E4NW0CK8W103VM$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DR8XNM7E4NW0CK8W103VM%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2ZAA9BD0VW676AHVT7RH&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2ZAA9BD0VW676AHVT7RH$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2ZAA9BD0VW676AHVT7RH%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=NKCV5ZZSWRSYHJBAGV47&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:NKCV5ZZSWRSYHJBAGV47$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DNKCV5ZZSWRSYHJBAGV47%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=RQE0YKGG0AT5YN4BRRBN&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:RQE0YKGG0AT5YN4BRRBN$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DRQE0YKGG0AT5YN4BRRBN%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=7KQTD5V24NWM6F0Z013X&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:7KQTD5V24NWM6F0Z013X$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D7KQTD5V24NWM6F0Z013X%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=XM87YZADCS23GKC3SHM6&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:XM87YZADCS23GKC3SHM6$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DXM87YZADCS23GKC3SHM6%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2G1HC0JMHZH1HK08RT2A&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2G1HC0JMHZH1HK08RT2A$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2G1HC0JMHZH1HK08RT2A%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=KYYVMS2H9T65HPWHRXD8&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:KYYVMS2H9T65HPWHRXD8$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DKYYVMS2H9T65HPWHRXD8%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=QCZCS6JSKGRR73D8V15B&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:QCZCS6JSKGRR73D8V15B$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DQCZCS6JSKGRR73D8V15B%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=ED5QDDQQC8TMY4AX4CKD&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:ED5QDDQQC8TMY4AX4CKD$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DED5QDDQQC8TMY4AX4CKD%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/vote
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=2HEHNCBP48GNZEM8T8ZT&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:2HEHNCBP48GNZEM8T8ZT$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D2HEHNCBP48GNZEM8T8ZT%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=8YY49YP1TR5T3V9M5WS9&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:8YY49YP1TR5T3V9M5WS9$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D8YY49YP1TR5T3V9M5WS9%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/voting/
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=NWMMCMQKFMDXR85ZKQK4&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:NWMMCMQKFMDXR85ZKQK4$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DNWMMCMQKFMDXR85ZKQK4%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=HPP1TJSX9F1RRSKEHCJ2&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:HPP1TJSX9F1RRSKEHCJ2$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DHPP1TJSX9F1RRSKEHCJ2%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/prime
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/unlimited
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/review/common/du
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=D0TP68SBY7HDG3MXW48C&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:D0TP68SBY7HDG3MXW48C$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DD0TP68SBY7HDG3MXW48C%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=V8GRNQJEW7S4AXXMR87C&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:V8GRNQJEW7S4AXXMR87C$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DV8GRNQJEW7S4AXXMR87C%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=1C4QAWK92TFBDKQ68XMC&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:1C4QAWK92TFBDKQ68XMC$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D1C4QAWK92TFBDKQ68XMC%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=FKEC5P2PQENE8H3WWZWV&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:FKEC5P2PQENE8H3WWZWV$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DFKEC5P2PQENE8H3WWZWV%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=4H73N5T6ZTW7FPW93ABG&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:4H73N5T6ZTW7FPW93ABG$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3D4H73N5T6ZTW7FPW93ABG%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter
Attack
Evidence <noscript> <img src='/rd/uedata?noscript&amp;id=A91W32PMRE5JJT21GT3F&amp;pty=Error&amp;spty=PageNotFound&amp;pti=' /> <img src='//fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:147-4280155-9611859:A91W32PMRE5JJT21GT3F$uedata=s:%2Frd%2Fuedata%3Fnoscript%26id%3DA91W32PMRE5JJT21GT3F%26pty%3DError%26spty%3DPageNotFound%26pti%3D:2000' /> </noscript>
Other Info A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/home
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/search
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter
Attack
Evidence <a onclick="window.location.reload()">Try different image</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence <a class="oBa0Fe aciXEb" href="#" id="sbfblt" data-async-trigger="duf3-46" aria-label="Give feedback on this result" role="button" jsaction="trigger.szjOR" data-ved="0ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4Qtw8IDQ">Report inappropriate predictions</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence <a class="oBa0Fe aciXEb" href="#" id="sbfblt" data-async-trigger="duf3-46" aria-label="Give feedback on this result" role="button" jsaction="trigger.szjOR" data-ved="0ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQtw8IDQ">Report inappropriate predictions</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence <a class="oBa0Fe aciXEb" href="#" id="sbfblt" data-async-trigger="duf3-46" aria-label="Give feedback on this result" role="button" jsaction="trigger.szjOR" data-ved="0ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0Qtw8IDQ">Report inappropriate predictions</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.google.com/
Method GET
Parameter
Attack
Evidence <a class="oBa0Fe aciXEb" href="#" id="sbfblt" data-async-trigger="duf3-46" aria-label="Give feedback on this result" role="button" jsaction="trigger.szjOR" data-ved="0ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQtw8IDQ">Report inappropriate predictions</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/cart/ref=ord_cart_shr?app-nav-type=none&dc=df
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter
Attack
Evidence <a id='nav-top'></a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
Instances 701
Solution
This is an informational alert and so no changes are required.
Reference
CWE Id
WASC Id
Plugin Id 10109
Informational
Re-examine Cache-control Directives
Description
The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASGQmYCxvo3WfQ3BIFDUg6P0EhQJwewG0xPZE=?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASGQn11VQ7sgCk8RIFDWlIR0chrbMLunyG1js=?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASIAkf7oBlCmca-xIFDTQ30ysSBQ3c5MosIS_QQNXR0uJ-EiAJbpxO9YafN7gSBQ00N9MrEgUN3OTKLCEv0EDV0dLifg==?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASIAlunE71hp83uBIFDTQ30ysSBQ3c5MosIdCkzK_phCFy?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASJwnJq4QCIXPo6hIFDTQ30ysSBQ3c5MosEgUNaUhHRyHTwXORxEAW8xIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwh08FzkcRAFvMSGQn11VQ7sgCk8RIFDWlIR0ch08FzkcRAFvM=?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yG48gYc95InUA==?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASWAnbJ8aA8i7VxhIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDWlIR0chIIt0DxFjUEcSUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yEgi3QPEWNQRxIZCfXVVDuyAKTxEgUNaUhHRyEgi3QPEWNQRw==?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASXwlQr8fIBrGyNxIFDTQ30ysSBQ3c5MosEgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_Ifa-xNIZt9swEiAJbpxO9YafN7gSBQ00N9MrEgUN3OTKLCH2vsTSGbfbMBJRCbTmrF5B_mW2EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_Ifa-xNIZt9sw?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASZgk4WNOAGUB98RIFDTQ30ysSBQ3c5MosEgUNlJCS-hIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yFBJOyGrTnG-hIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwhQSTshq05xvoSWAlL-34b-Hr0GRIFDZSQkvoSBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8hQSTshq05xvo=?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE5LjAuNjA0NS4yMDASZgnXavJOV0HSyRIFDTQ30ysSBQ3c5MosEgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNaUhHRyFc44s1i87ZAxIgCW6cTvWGnze4EgUNNDfTKxIFDdzkyiwhXOOLNYvO2QMSUQm05qxeQf5lthIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_xIFDQbtu_8SBQ0G7bv_EgUNBu27_yFc44s1i87ZAxIZCfXVVDuyAKTxEgUNaUhHRyFc44s1i87ZAw==?alt=proto
Method GET
Parameter cache-control
Attack
Evidence private,max-age=604800
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY
Method GET
Parameter cache-control
Attack
Evidence public, max-age=86400
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LANGUAGE_DETECTION
Method GET
Parameter cache-control
Attack
Evidence public, max-age=86400
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698073325&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING
Method GET
Parameter cache-control
Attack
Evidence public, max-age=86400
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678108&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS
Method GET
Parameter cache-control
Attack
Evidence public, max-age=86400
Other Info
URL https://optimizationguide-pa.googleapis.com/downloads?name=1698678199&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS
Method GET
Parameter cache-control
Attack
Evidence public, max-age=86400
Other Info
URL https://www.amazon.com/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/en$
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/es/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he$
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/he/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW$
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/-/zh_TW/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_5
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_6
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/?_encoding=UTF8&ref_=sv_dmusic_7
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/?ref_=footer_logo
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/alm/storefront?almBrandId=QW1hem9uIEZyZXNo
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/amazonprime
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_newcust
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin/ref=cart_empty_sign_in?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcart%3Fapp-nav-type%3Dnone%26dc%3Ddf
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_psr_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fspr%2Freturns%2Fhomepage%2Fhomepage.html%3Fref_%3Dfooter_hy_f_4
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_subscribe_save_myd_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fauto-deliveries%2Fviewsubscriptions%3Fref_%3Dnav_AccountFlyout_sns
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_wishlist_desktop_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fls&pageId=Amazon
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-seemore%26node%3D18190131011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D10232440011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D14498690011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D230659011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fcountry%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252F%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fhistory%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26preferencesReturnUrl%3D%252Fgp%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fget%2F%3F_encoding%3DUTF8%26ue_back%3D1%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgift-cards%2Fb%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26node%3D2238192011%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcart%2Fview.html%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fwedding%2Fhomepage%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz%2Fwishlist%2Fintro%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_custrec_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fs%2F%3F_encoding%3DUTF8%26field-keywords%3DZAP%26ref%3Dcs_503_search%26ref_%3Dnav_ya_signin
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ASUS-NVIDIA-GeForce-Graphics-DisplayPort/dp/B0BQTVQQP4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0BQTVQQP4&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&node=120430535011&pd_rd_i=B0BCMXWNLS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=23653176011&ref_=sv_dmusic_4
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?ld=AZUSSOA-seemore&node=18190131011&ref_=footer_seemore
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b/ref=s9_acss_bw_cg_sbp22c_1e1_w/ref=SBE_navbar_5?node=18018208011&pf_rd_i=17879387011&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=56621c3d-cff4-45e1-9bf4-79bbeb8006fc&pf_rd_r=6W5X52VNZRB7GK1E1VX2&pf_rd_s=merchandised-search-top-3&pf_rd_t=30901
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/b?node=2238192011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Bac-Zap-Odor-Eliminator-1_gallon/dp/B007MCJJWE/ref=sr_1_29?keywords=ZAP&qid=1701867726&sr=8-29
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Barbie-DreamHouse-Furniture-Accessories-Wheelchair-Accessible/dp/B08V1R73H9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B08V1R73H9&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter cache-control
Attack
Evidence no-cache, no-transform
Other Info
URL https://www.amazon.com/Chispee-Finishing-Weaving-Leather-Melting/dp/B0CHK2D5PM/ref=sr_1_36?keywords=ZAP&qid=1701867726&sr=8-36
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence no-cache, no-transform
Other Info
URL https://www.amazon.com/Cleansing-Conditioner-Treatment-Sulfur-Greasy/dp/B08WCMNBWC/ref=sr_1_31?keywords=ZAP&qid=1701867726&sr=8-31
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Coupons/b/?ie=UTF8&node=2231352011&ref_=sv_subnav_goldbox_1
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/country?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_icp_cp
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=footer_lang
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2F&ref_=topnav_lang_ais
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Ding-Zap-Falcones-Emergency-Repair/dp/B0BF7NXYMG/ref=sr_1_41?keywords=ZAP&qid=1701867726&sr=8-41
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/B088R7QF3J?binding=kindle_edition&qid=1701867726&ref_=dbs_s_aps_series_rwt_tkin&searchxofy=true&sr=8-50
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/e-mail-friend/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/manual-submit/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/product-availability/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/rate-this-item/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/dp/shipping/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Mosiller-Rechargeable-Powerful-Mosquitoes/dp/B09Q8W67XQ/ref=sr_1_57?keywords=ZAP&qid=1701867726&sr=8-57
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Racket-Rechargeable-Charging/dp/B08GWRCQKJ/ref=sr_1_55?keywords=ZAP&qid=1701867726&sr=8-55
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Electric-Swatter-Rechargeable-Attractant-Charging/dp/B085DNM6JC/ref=sr_1_6?keywords=ZAP&qid=1701867726&sr=8-6
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Episode-2/dp/B091F259D2/ref=sr_1_47?keywords=ZAP&qid=1701867726&sr=8-47
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0XduUglPDjNSMjsxubrj3Q%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=4CRscPzyeHD5oPwdd4g72g%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VBA%2FWqJZtFSpIx8jQO%2B2TQ%3D%3D&amzn-r=%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/events/deals
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/GameXcel-Zapper-Electric-Swatter-Mosquito/dp/B08BP57MMH/ref=sr_1_23?keywords=ZAP&qid=1701867726&sr=8-23
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/add-wishlist
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/-/gfhz/get?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=cItem.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=error.button.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.image.src%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=item.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=link.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/%3C%23=row.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=sv_wl_1
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/?_encoding=UTF8&ref_=topnav_storetab_cm_gft
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gcx/Gifts-for-Adults/gfhz/get?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/GOOTOP-Mosquito-Zapper-Outdoor-Electric/dp/B09PQF39PG/ref=sr_1_38?keywords=ZAP&qid=1701867726&sr=8-38
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/browse.html/ref=vas_sf_load_?node=8098158011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=10232440011&ref_=footer_reload_us
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=16218619011&ref_=footer_swp
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=2102313011&ref_=footer_devices
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=230659011&ref_=footer_amazonglobal
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/browse.html?node=388305011&ref_=footer_tfx
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/cdp/member-reviews/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/common/du
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/dynamic/sims-box
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/goldbox/
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/goldbox/?ie=UTF8&ref_=topnav_storetab_subnav_goldbox
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/goldbox/ref=cart_empty_deals
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/help/customer/contact-us
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/history
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/history/?ie=UTF8&ref_=sv_ys_1
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/history?ref_=nav_AccountFlyout_browsinghistory
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/orc/rml/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/e-mail-friend
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/product-availability
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/product/rate-this-item
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/socialmedia/giveaways
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/twister/ajaxv2
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/mystuff
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/video/settings
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/wedding/homepage/?ie=UTF8&ref_=sv_cm_gft_3
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=cItem.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=error.button.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=row.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore/recs/?ie=UTF8&ref_=sv_ys_2
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/gp/yourstore?ref_=nav_AccountFlyout_recs
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Herbal-Zap-Instantly-Dissolving-Supplement/dp/B01L4J9O8Y/ref=sr_1_33?keywords=ZAP&qid=1701867726&sr=8-33
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.image.src%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/%3C%23=item.url%20%23%3E
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/friends/ref_=cm_wl_your_friends
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/hz/wishlist/intro
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Lets-Clean-The-House/dp/B0B8PGK8XW/ref=sr_1_56?keywords=ZAP&qid=1701867726&sr=8-56
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Living-Puppet-9-Inch-Friendly-Monster/dp/B0CJQBMHW1/ref=sr_1_48?keywords=ZAP&qid=1701867726&sr=8-48
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/music/free/?_encoding=UTF8&ref_=sv_dmusic_2
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/lp/podcasts/?_encoding=UTF8&ref_=sv_dmusic_3
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/prime
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/unlimited
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/unlimited/why-hd
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/music/unlimited?ref=dm_LP_AMP
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-Cordless-Rechargeable-Mosquito-Equipped/dp/B0BNN13X69/ref=sr_1_43?keywords=ZAP&qid=1701867726&sr=8-43
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Outdoor-High-Power-Mosquito-Waterproof-Backyard/dp/B0BVQWLLT7/ref=sr_1_44?keywords=ZAP&qid=1701867726&sr=8-44
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-CA-Adhesives/dp/B0006O8ECG/ref=sr_1_53?keywords=ZAP&qid=1701867726&sr=8-53
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Single-Adhesives/dp/B00GB0SFT6/ref=sr_1_52?keywords=ZAP&qid=1701867726&sr=8-52
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Z-Poxy-Minute/dp/B00SXJJ4I4/ref=sr_1_60?keywords=ZAP&qid=1701867726&sr=8-60
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Pacer-Technology-Zap-Zap-Adhesives/dp/B00SXJJ2QI/ref=sr_1_7?keywords=ZAP&qid=1701867726&sr=8-7
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Pellon-Wrap-N-Zap-Batting-36-Inch-Natural/dp/B01N4B9B6I/ref=sr_1_46?keywords=ZAP&qid=1701867726&sr=8-46
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Phosooy-Electric-Aluminium-Mosquito-Hanging/dp/B08P8MJ4X3/ref=sr_1_59?keywords=ZAP&qid=1701867726&sr=8-59
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/product-reviews/1649374178/ref=nta-top-sellers_d_sccl_1_5_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/product-reviews/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/product-reviews/B0069IY63Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B096X8471C/ref=nta-top-sellers_d_sccl_1_8_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/product-reviews/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/product-reviews/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/product-reviews/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2_cr/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Pure-ZAP-Vitamin-Natural-Verified/dp/B0CLFF5X2N/ref=sr_1_51?keywords=ZAP&qid=1701867726&sr=8-51
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=07BWCF2G9BFS2WAT7DYY&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=0TSXQG69TABS9N2MN4BS&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1C4QAWK92TFBDKQ68XMC&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1EFYFGZT8YXYSPXN15E5&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1WFHBDDCG810GF5YK07X&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=1Z3VXBPNK2C81GBG4KT6&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2843QW1YGK2ADQB0BDWH&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=28C41J0X5ATV52HQ161D&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2G1HC0JMHZH1HK08RT2A&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2HEHNCBP48GNZEM8T8ZT&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2KSNA3E6CZNB2Y0SYHF7&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2M38KZXKCSH2YTCTDW5T&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2QN51WM6363YACC173X2&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=2ZAA9BD0VW676AHVT7RH&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=3BV9FT1ZXFER89W1RJHY&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=43D8FKDQZ91QCMAJJ2F6&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4AHC6Q7NA500NAKMNT6Y&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4H73N5T6ZTW7FPW93ABG&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4QQD9QRNB4G6WYQCJWTK&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=4V37TFZ4BS0VAPPHY0HJ&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=57CNZ33807Z2NF10ZF6F&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=5RMFKRFX7A2ZFB2NWQYD&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6BDT2114JQRFTTBQGRDH&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=6PE92FT3QPKW177SFKDA&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7GW14SP04JQH5ABK7QYV&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7KQTD5V24NWM6F0Z013X&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7P69HHY1REMXVDZ2HJ3J&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=7VW03D6FYN96KHTRYSXQ&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=88DDJH73759FVXCK962B&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8AWNTQHXXRFRRYW07G95&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8FVD3S6256SP1JSY6JDZ&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=8YY49YP1TR5T3V9M5WS9&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=9AX29VYD3H5SBK7CF99K&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A4TD8T65MA3AN2GRRG46&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=A91W32PMRE5JJT21GT3F&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ADP01PVYNHX665SG5GZ8&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AEVJC6QQ8HD6PNZ0MKGK&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=AGT0JAK5TBDYNBDQJ39W&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=B0B9CXR6S6CNT6450E3X&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BQFYC9E8TVPX47RAEW8K&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BS5SJ8PVE3269A2WVS4Z&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=BYWEH3FEAN0MXRW0A2R9&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=C50HD6Q541VK4VFESD9T&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CKJSQA0WR4N6JQF3BQC8&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CNFYGVMZS6MD1WF77C0R&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=CRNHYFDCMGYA1WW18A44&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0FEJ28H4AJHCT84SS1G&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=D0TP68SBY7HDG3MXW48C&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DMW032KW515C537ZNAVB&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=DQSRAAGYWSQ6Z11PF3T5&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ED5QDDQQC8TMY4AX4CKD&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EF7REY7J3CGVWSDGQMBD&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=EKZMH77N5KH9EMJFS91N&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=F2703RBKPXCGBA963E2F&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FJ93S7C0CB3V67HS111G&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FKEC5P2PQENE8H3WWZWV&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FRYHHF0B3Y4WV5Z3P88V&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=FV0VT2JMA1B9H546470B&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GF0YXBRSXKKY8EVM9VW2&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GSV6C79C01MVD6RE6E38&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=GVYS3XPQAMEVJRSD6KB6&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=H3XW4KDZACDMWY3XMYA1&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HG3GBHYC8EH0CQCPE3M5&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HGEM81S0CH0XRD441JF0&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HMW8T12R252DDRD2PX7Z&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HPP1TJSX9F1RRSKEHCJ2&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=HYSFJFR7B31V19QV0PBT&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=JS17FZBAF6JNZXRBBS03&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=K7Q6WS07R6PS66NNMPB5&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KAHRR4AF1M5C6ZHNJYNK&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KJY7W7FWHMNM0TZC9RWZ&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KPYV6TB3JED07RV34N9D&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KRA1T1Z92P0PE6WWCTV4&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KTSSXN5Y7FTWMK2169MS&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KVWW9GMJTDCK71F9HMZ9&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KYYVMS2H9T65HPWHRXD8&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=KZ5Z48CAPGPG8VX17QHD&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MJVSJDRB5BGMWNAE4AW9&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=MNENB3WDK2Y4H6FJD1CE&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NKCV5ZZSWRSYHJBAGV47&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=NWMMCMQKFMDXR85ZKQK4&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P3M0DN7FPSK8A237KGYA&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=P7WR7742GJXS34V08QQF&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PEVE67BRDBXT5JKJYDWN&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGS7PWT5NBRKWM4KZNZB&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PGTVT802A57S10DYE27W&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=PK06TDEY641SJG7FE64S&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Q5G901NQ1MC6Z57DME8P&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QCZCS6JSKGRR73D8V15B&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QQTRCE7CZH7MCKWG1J0C&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=QWZRXD92MJDRK92N74C2&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R64GX02ZDJWMRRBX47QA&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=R8XNM7E4NW0CK8W103VM&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=S257MZE0YP0YVBTACJWA&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=V8GRNQJEW7S4AXXMR87C&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=VD1K5XK101T25S4FGHX4&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=W6TQDJBMNBB66VHTNH78&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=WCE9CN4FM6BC9SZ3RTEN&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=XM87YZADCS23GKC3SHM6&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=Y89KQTWG7TTMZWKA1H1C&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YF4AE1FF6DHZ9A5BHS6W&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=YWHMA1DQEF1CC76WEQPB&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZCP1JXMRFEJTR0G849ZG&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&noscript&pti&pty=Error&spty=PageNotFound
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/rd/uedata?id=ZTYQNNF8MD0NHQNNC1N2&tepes=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_link
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_500_logo
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_link
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=cs_503_logo
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ref=nav_logo
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/registries
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/?_encoding=UTF8&ref_=sv_cm_gft_5
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/birthday/?_encoding=UTF8&ref_=sv_wl_3
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/custom/?_encoding=UTF8&ref_=sv_wl_6
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=C8F6GH5BF52FTG8A18BP
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries/request/ref=ragl_HMT_1a1_w?pf_rd_p=34c70dcf-051f-4baa-8ab0-938fb22b88b9&pf_rd_r=J6DZTJK0YZFCFZS1CTSS
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries?ref_=nav_ListFlyout_find
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/reviews/iframe
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/robots.txt
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Shark-AV2501S-Self-Empty-Navigation-UltraClean/dp/B09H8CWFNK/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H8CWFNK&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ShiZap-Energized-Stacking-Block-Game/dp/B08HCHDPK2/ref=sr_1_39?keywords=ZAP&qid=1701867726&sr=8-39
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Simply-Calphalon-Nonstick-Cookware-SA10H/dp/B001AS94TY/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B001AS94TY&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery-ebook/dp/B09RC2SQ5K/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820079/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/0999820095/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Snap-Zap-Murder-Rathkey-Mystery/dp/B09VLGT12H/ref=sr_1_50?keywords=ZAP&qid=1701867726&sr=8-50
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Soundcore-Cancelling-Headphones-Wireless-Bluetooth/dp/B07NM3RSRQ/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0819LK85F&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ss/customer-reviews/lighthouse/
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/The-Zip-Zap-No-Small-Parts/dp/B0CBD6M8X5/ref=sr_1_42?keywords=ZAP&qid=1701867726&sr=8-42
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter cache-control
Attack
Evidence no-cache, no-transform
Other Info
URL https://www.amazon.com/wedding/home
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/home/?_encoding=UTF8&ref_=sv_wl_4
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/home/ref=wl_hz_intro
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/amazon-handmade?pf_rd_p=2098fe35-1d6a-4686-8362-9349bcb16093&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/elevateeverywhere?pf_rd_p=80de1221-9fcc-4395-b8d4-2fa5c27f9dfc&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/elevateyourhome?pf_rd_p=a36ddf69-0b21-4568-b1d5-c2a789b1c758&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/shop/brand/marthastewart?pf_rd_p=2f477695-88e2-4256-97d7-ceb4e0e787da&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/shop/brand?pf_rd_p=52a0eca3-a942-4efb-ba4c-5021b27a9ee6&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/mp/shop/top-100?pf_rd_p=07ef1f03-cfb5-4995-93d6-7a8d6f9b5acd&pf_rd_r=9CKN2BN9KKERD52B4G7X&ref_=wedding_home_card
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/search
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/ZAP-Black-Large-Twin-Zapper/dp/B08GXVGZZZ/ref=sr_1_15?keywords=ZAP&qid=1701867726&sr=8-15
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Medium-Twin-Zapper/dp/B08GWZ3LVQ/ref=sr_1_24?keywords=ZAP&qid=1701867726&sr=8-24
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Blue-Mini-Twin-Zapper/dp/B08GXB6Y9Z/ref=sr_1_45?keywords=ZAP&qid=1701867726&sr=8-45
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZ8TXWQ/ref=sr_1_14?keywords=ZAP&qid=1701867726&sr=8-14
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Battery-Mosquito/dp/B07KZQKWVP/ref=sr_1_16?keywords=ZAP&qid=1701867726&sr=8-16
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Bug-Zapper-Rechargeable-Attractant/dp/B085HLLHL1/ref=sr_1_11?keywords=ZAP&qid=1701867726&sr=8-11
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Cloth-Streak-Free-Cloths/dp/B00JOQWPNG/ref=sr_1_54?keywords=ZAP&qid=1701867726&sr=8-54
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Indoor-Zapper-Mosquito/dp/B088QS5VGJ/ref=sr_1_22?keywords=ZAP&qid=1701867726&sr=8-22
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Electric-Outdoor-Waterproof-Mosquito/dp/B088QSKG8S/ref=sr_1_30?keywords=ZAP&qid=1701867726&sr=8-30
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Formaldehyde-Brazilian-Treatment-Progressive/dp/B0BL437FFW/ref=sr_1_32?keywords=ZAP&qid=1701867726&sr=8-32
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Justin-J-Wheeler/dp/B085K7PHB3/ref=sr_1_58?keywords=ZAP&qid=1701867726&sr=8-58
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Kara-Camden/dp/B01DUIN9TC/ref=sr_1_12?keywords=ZAP&qid=1701867726&sr=8-12
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman-ebook/dp/B074ZN2L3N/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405577/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Martha-Freeman/dp/1534405585/ref=sr_1_49?keywords=ZAP&qid=1701867726&sr=8-49
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman-ebook/dp/B011S7489W/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Paul-Fleischman/dp/0763627747/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Play-Revised-Paul-Fleischman/dp/0763680133/ref=sr_1_21?keywords=ZAP&qid=1701867726&sr=8-21
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Progressive-Brush-Long-lasting-Straightening/dp/B07SSHX3BM/ref=sr_1_8?keywords=ZAP&qid=1701867726&sr=8-8
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/ZAP-Zapper-Large-Twin-Pack/dp/B07GN4JZL8/ref=sr_1_10?keywords=ZAP&qid=1701867726&sr=8-10
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zap-Zapper-Racket-4000V-Rechargeable/dp/B06WW6831F/ref=sr_1_5?keywords=ZAP&qid=1701867726&sr=8-5
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zapped-Zendaya/dp/B00MKKCVGO/ref=sr_1_34?keywords=ZAP&qid=1701867726&sr=8-34
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter cache-control
Attack
Evidence no-cache, no-transform
Other Info
URL https://www.amazon.com/Zezo-Fiber-Zap-Cloth-10-Cloths/dp/B01CH150VS/ref=sr_1_9?keywords=ZAP&qid=1701867726&sr=8-9
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.amazon.com/Zipi-Zape-Isla-del-Capit%C3%A1n/dp/B09ZKMWZ25/ref=sr_1_37?keywords=ZAP&qid=1701867726&sr=8-37
Method GET
Parameter cache-control
Attack
Evidence
Other Info
URL https://www.google.com/
Method GET
Parameter cache-control
Attack
Evidence private, max-age=0
Other Info
URL https://www.google.com/async/hpba?vet=10ahUKEwi70s2r8vqCAxUyQ_EDHQL0Bc4Qj-0KCBs..i&ei=9nNwZbv_G7KGxc8PguiX8Aw&opi=89978449&yv=3&cs=0&async=_ck:xjs.hd.NT53HHdsy6U.L.W.O,_k:xjs.hd.en.XZqIZ5oTr0A.O,_am:AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgEEBU4BkFANBEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA,_csss:ACT90oFpKWIlVR0YcGS7Pf28sDSkPgpNxg,_fmt:prog,_id:a3JU5b
Method GET
Parameter cache-control
Attack
Evidence private
Other Info
URL https://www.google.com/async/hpba?vet=10ahUKEwi_pqLw8fqCAxX-Q_EDHbr7DTcQj-0KCBs..i&ei=enNwZb-BAf6Hxc8Puve3uAM&opi=89978449&yv=3&cs=0&async=_ck:xjs.hd.NT53HHdsy6U.L.W.O,_k:xjs.hd.en.XZqIZ5oTr0A.O,_am:AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQCABwQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA,_csss:ACT90oGqdkvBeYbbaiIxJKgUfTcmLCqqYw,_fmt:prog,_id:a3JU5b
Method GET
Parameter cache-control
Attack
Evidence private
Other Info
URL https://www.google.com/async/hpba?vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0Qj-0KCBs..i&ei=IHNwZfq3KfaSxc8P3rOK6A8&opi=89978449&yv=3&cs=0&async=_ck:xjs.hd.NT53HHdsy6U.L.W.O,_k:xjs.hd.en.XZqIZ5oTr0A.O,_am:AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAcAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBxCDCAIAAAAAAAAAAAAQwATB4IL0WEEAAQAAAAAAAAAAAEBKmlwMJAAABg,_csss:ACT90oEYKjIPnudwZmAR-3Z98jGXGEkuWA,_fmt:prog,_id:a3JU5b
Method GET
Parameter cache-control
Attack
Evidence private
Other Info
URL https://www.google.com/async/hpba?vet=10ahUKEwjhkcLL8vqCAxWZSfEDHfRZB0QQj-0KCBs..i&ei=OXRwZaGRF5mTxc8P9LOdoAQ&opi=89978449&yv=3&cs=0&async=_ck:xjs.hd.NT53HHdsy6U.L.W.O,_k:xjs.hd.en.XZqIZ5oTr0A.O,_am:AAAAAAAAAAAAAAAAAAAAACAAAAAAgKiBcAhgAwQABAAAAwQAAQAEiCAKAQxAgYCHsgEAAJgAgSVgUUBU4BkFANAEVAEAAAAAAAgGEQAAAAQAANABAAAgoBHAAISAEhAAAACAPAAEBwCDCAIAAAAAAAAAAAAQwATB4IIEQEEAAQAAAAAAAAAAAEBKmlwMJA,_csss:ACT90oHJDfhkGmrQhNaN1JznAFho3_OYJA,_fmt:prog,_id:a3JU5b
Method GET
Parameter cache-control
Attack
Evidence private
Other Info
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=9nNwZbv_G7KGxc8PguiX8Aw.1701868534315&dpr=2.25&nolsbt=1
Method GET
Parameter cache-control
Attack
Evidence private, max-age=3600
Other Info
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=enNwZb-BAf6Hxc8Puve3uAM.1701868409775&dpr=2.25&nolsbt=1
Method GET
Parameter cache-control
Attack
Evidence private, max-age=3600
Other Info
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=IHNwZfq3KfaSxc8P3rOK6A8.1701868320335&dpr=2.25&nolsbt=1
Method GET
Parameter cache-control
Attack
Evidence private, max-age=3600
Other Info
URL https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en-BG&authuser=0&psi=OXRwZaGRF5mTxc8P9LOdoAQ.1701868601291&dpr=2.25&nolsbt=1
Method GET
Parameter cache-control
Attack
Evidence private, max-age=3600
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter cache-control
Attack
Evidence no-cache
Other Info
Instances 785
Solution
For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the directives "public, max-age, immutable".
Reference https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#web-content-caching
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
https://grayduck.mn/2021/09/13/cache-control-recommendations/
CWE Id 525
WASC Id 13
Plugin Id 10015
Informational
Retrieved from Cache
Description
The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence Age: 213
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence Age: 280
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL http://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
Method GET
Parameter
Attack
Evidence Age: 89
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL http://www.gstatic.com/og/_/ss/k=og.qtm.unQ4bAXbcl8.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTvBc9WC7Dd2DDpVc6x9VJtmRmpgjQ
Method GET
Parameter
Attack
Evidence Age: 213
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL http://www.gstatic.com/og/_/ss/k=og.qtm.unQ4bAXbcl8.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTvBc9WC7Dd2DDpVc6x9VJtmRmpgjQ
Method GET
Parameter
Attack
Evidence Age: 280
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL http://www.gstatic.com/og/_/ss/k=og.qtm.unQ4bAXbcl8.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTvBc9WC7Dd2DDpVc6x9VJtmRmpgjQ
Method GET
Parameter
Attack
Evidence Age: 89
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Age: 42736
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Age: 42824
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Age: 42949
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Method GET
Parameter
Attack
Evidence Age: 43016
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Method GET
Parameter
Attack
Evidence HIT from fastly
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Method GET
Parameter
Attack
Evidence Hit from cloudfront
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Method GET
Parameter
Attack
Evidence HIT from fastly
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Method GET
Parameter
Attack
Evidence Hit from cloudfront
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Method GET
Parameter
Attack
Evidence HIT from fastly
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Method GET
Parameter
Attack
Evidence Hit from cloudfront
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Method GET
Parameter
Attack
Evidence HIT from fastly
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Method GET
Parameter
Attack
Evidence Hit from cloudfront
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Method GET
Parameter
Attack
Evidence HIT from fastly
Other Info
URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Method GET
Parameter
Attack
Evidence Hit from cloudfront
Other Info
Instances 20
Solution
Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:

Cache-Control: no-cache, no-store, must-revalidate, private

Pragma: no-cache

Expires: 0

This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
Reference https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)
CWE Id
WASC Id
Plugin Id 10050
Informational
Session Management Response Identified
Description
The given response has been identified as containing a session management token. The 'Other Info' field contains a set of header tokens that can be used in the Header Based Session Management Method. If the request is in a context which has a Session Management Method set to "Auto-Detect" then this rule will change the session management to use the tokens identified.
URL https://www.amazon.com/*/sim/B001132UEE
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/*/sim/B001132UEE?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587740l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587738l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587768l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587771l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587770l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587769l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587744l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587767l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id-time
Attack
Evidence 2332587737l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id-time
Attack
Evidence 2332587743l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_kplp_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fkindle-dbs%2Fku%2Fku-central%3Fref_%3Dnav_AccountFlyout_ku%26reroutedViaSP%3D1
Method GET
Parameter session-id-time
Attack
Evidence 2332587735l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter session-id-time
Attack
Evidence 2332587736l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587750l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587731l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587738l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587738l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587741l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcustomer-preferences%2Fedit%2F%3F_encoding%3DUTF8%26ie%3DUTF8%26preferencesReturnUrl%3D%252Fgp%252Fyourstore%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587743l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587768l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587770l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587768l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587732l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2Frecs%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587735l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587748l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587748l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id-time
Attack
Evidence 2332587748l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/b/?ie=UTF8&node=1267877011&ref_=sv_subnav_goldbox_5
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/exec/obidos/account-access-login
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/exec/obidos/change-style
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/exec/obidos/flex-sign-in
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/exec/obidos/handle-buy-box
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/exec/obidos/tg/cm/member/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=item.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/associations/wizard.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/associations/wizard.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aw/cr/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aw/cr/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aw/help/id=sss
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aws/ssop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/b2b-rd
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/cart?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/content-form
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/content-form?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/customer-images
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-images?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/actions/delete/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/upload
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/dmusic/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/dmusic/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/dmusic/order
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/dmusic/order/handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/dmusic/order?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/entity-alert/external
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/flex
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/flex?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/gc/widget
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/get?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/gfix
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/item-dispatch
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/legacy-handle-buy-box.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/music/clipserve
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/music/wma-pop-up
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/obidos-sign-in.html/130-7402554-6248927?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/9000
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/B000
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/pdp/invitation/invite
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/pdp/rss/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/pdp/rss/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/reader
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/recsradio
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/recsradio?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/redirect.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/registry/search.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/registry/search.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/rentallist
Method GET
Parameter JSESSIONID
Attack
Evidence 3CD5D66748B33000D0B7B1EB491D4299
Other Info cookie:JSESSIONID
URL https://www.amazon.com/gp/richpub/listmania/createpipeline
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/createpipeline?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/syltguides/create
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/richpub/syltguides/create?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/rl/settings
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/sign-in
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/sign-in?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/sitbv3/reader
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-id
URL https://www.amazon.com/gp/sitbv3/reader?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/slredirect
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/structured-ratings/actions/get-experience.html?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/twitter/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/twitter/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/library/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/vote
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/vote?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/voting/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/gp/yourstore
Method GET
Parameter ubid-main
Attack
Evidence 133-2937416-4658224
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-token cookie:session-id
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:session-token cookie:session-id
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/birthday?ref_=gr-landing-birthday
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/custom?ref_=gr-landing-custom
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/review/common/du
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/review/common/du?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/review/dynamic/sims-box
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/review/dynamic/sims-box?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-id
URL https://www.amazon.com/wedding/gift-fund?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/wedding/home
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/wedding/mp/benefits?ref_=wedding_home_benefits
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+172
Other Info cookie:CONSENT cookie:__Secure-ENID cookie:AEC
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+698
Other Info cookie:CONSENT cookie:__Secure-ENID cookie:AEC
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+749
Other Info cookie:CONSENT cookie:__Secure-ENID cookie:AEC
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+813
Other Info cookie:CONSENT cookie:__Secure-ENID cookie:AEC
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=BfptuzASiJ52VtO4glBuRdZ-3IUVJqoVRqB7PLaB6MMFYSB07aZQQj4D6oOXRGsV7v40Jd4voC6qPJHugE3Mh99pW0ooZX3poH0Nwm7pBaQ7v-RO-gloOeSLdGLkld3XoVDpRCwcVFVU6hbTGiaOjiAEKQK7MvAsvaVpGU_X5newAHcoqlgmcEknHAHaoV8
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=IBgXpmy9HoUh6i-PfsNOsOuM_UxREkicyzsSXmPAJjSMQC30azy9wTXtLV-_THewxCWEVahaaPDcxuILiiMjF0d3YCyNHSF9z5BNL6HAL-slW_1O1Ela1lfZtJlHOyQYRhOiZt7XBxgsKC9ebF7j66wvg3vZh3APo8wflA774lGRLtk9zw3vTl54hvcYuKTI
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=KkKILj-VDPB7VyW3jbgDdyOzjGjgSGZakV_peBB1-b5N2T3-MkIDoUBm3J3YMo7L6LRxN5YUMeQgEva4PuAGyQSWxMmRtN6UV2XGzFGZ9KXm3luWdyAu4G3g--7fo_HD7ukQw1N6xNUaAkDv1dtny1CXVgnYKk51DVZUXplXTPTahk4p3u05NLbqdCaiu-4_
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=YHdrjhl60LnJLG_qLWfZMcVvkgtmpsWkTGesHOMk4oKpe_gL6xYOBgVjnmUWu5GtQpH4mT4ACo68SgRbuAT0N3-_9_8MswsVLuuduorLEz9ITolmiwi5YV-I58jV1Fx671i80SLpN1FiKy1vLuVvGltwVOh7qcVGMNHlgb6SBd69LGn_fm6Nh1tcOtRcj4GU
Other Info cookie:__Secure-ENID
URL https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=1&ei=IHNwZfq3KfaSxc8P3rOK6A8&zx=1701868345023&opi=89978449
Method GET
Parameter NID
Attack
Evidence 511=dK2efYIbCaYwxbjc9-bVsfFFOU0EgDpExx4d70NN60T-vBrzzgoLq_IMsokBe6A30ueUjWS51sM2oSUyvbe4UbGc-rdeisjKuyUq5LuC87l48gwr1YjoE93nASBCKvvAntyUfn0abo6_52MiXbOObOxd8I3TM8BWHj0iyugvpB14HXsdkDB_rFfQrA8N
Other Info cookie:NID
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter SOCS
Attack
Evidence CAISHAgBEhJnd3NfMjAyMzEyMDQtMF9SQzEaAmVuIAEaBgiA876rBg
Other Info cookie:SOCS cookie:NID
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time cookie:ubid-main cookie:session-token cookie:session-id
URL https://www.google.com/gen_204?atyp=csi&ei=IHNwZfq3KfaSxc8P3rOK6A8&s=webhp&t=fi&st=26775&fid=0&zx=1701868345090&opi=89978449
Method POST
Parameter NID
Attack
Evidence 511=gcCxUiCPY7mP7_ARr0Gm45Xn41mKT0fDSqYL5fB6jdL1sO19SCplDoZAIrOarQzfLT2LS8s7yx9tIwMu5jIgeR289DiXBv_4k5EE_bru0p1ro-2JrCulF1wt_pwNfG-cLjmvEPUrgw_D4A1OnXFRgO1YGumowkoErPbx3eqxt87fhmuniJtIg4wVKvKQ
Other Info cookie:NID
URL https://www.google.com/gen_204?ei=IHNwZfq3KfaSxc8P3rOK6A8&vet=10ahUKEwj6x9XF8fqCAxV2SfEDHd6ZAv0QhJAHCBw..h&bl=btNu&s=webhp&cdot=25419
Method POST
Parameter NID
Attack
Evidence 511=mo_7nia26F_lUgt6Wcc---u0WBntB5BIV8Des-Bu77zuVKW5A1c0-MZqIa8ex0GydFY-m2qlViaPl1pxxwYG9Rs8rJ4BNKz2mKKGxcHrG5Hsy4f3Ih9f73vZ4ssmRo577iLvJAY1nXBfRlM5dhwX8pFbldmjvs0BsUMQONHzh29kIHacV3wXDBUYSiM0
Other Info cookie:NID
URL https://www.amazon.com/ap/register?clientContext=134-9805331-2128027&failedSignInCount=0&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage&pageId=usflex&prepopulatedLoginId&prevRID=Q699XA2PY2XVDXYA05F7&showRememberMe=true
Method GET
Parameter clientContext
Attack
Evidence 134-9805331-2128027
Other Info url:clientContext
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16218619011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fprivacyprefs%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fregistries%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?accountStatusPolicy=P1&clientContext=134-9805331-2128027&language=en_US&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fvideo%2Fauth%2Freturn%2Fref%3Dav_auth_ap%3F_t%3Dsg-OvgI-MifzhjKp20ZH5LS_XaOWk72ZJ9shisOk2KKkAAAAAAQAAAABlcHDQcmF3AAAAAPgWC9WfHH8iB-olH_E9xQ%26location%3D%2Fgp%2Fvideo%2Fprofiles%3Fref_%253Datv_auth_red_aft
Method GET
Parameter clientContext
Attack
Evidence 134-9805331-2128027
Other Info url:clientContext
URL https://www.amazon.com/ap/signin?accountStatusPolicy=P1&clientContext=134-9805331-2128027&language=en_US&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fvideo%2Fauth%2Freturn%2Fref%3Dav_auth_ap%3F_t%3Dsg5qgcieU_RTfbDLjO2sFrPSzyoQMf_Lmd3DaMsqB2TWKAAAAAQAAAABlcHDmcmF3AAAAAPgWC9WfHH8iB-olH_E9xQ%26location%3D%2Fgp%2Fvideo%2Fmystuff%2Fwatchlist%3Fref_%253Datv_auth_red_aft
Method GET
Parameter clientContext
Attack
Evidence 134-9805331-2128027
Other Info url:clientContext
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter clientContext
Attack
Evidence 134-9805331-2128027
Other Info url:clientContext
URL https://www.amazon.com/ap/signin?clientContext=134-9805331-2128027&language=en_US&marketPlaceId=USAmazon&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Ffiona%2Fmanage
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3F_encoding%3DUTF8%26node%3D2238192011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D16115931011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_custrec_signin
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D2102313011%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fb%2F%3Fie%3DUTF8%26node%3D388305011%26ref_%3Dnav_signin
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fgoldbox%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Fprime%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fmusic%2Funlimited%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/b/?ie=UTF8&node=16976406011&ref_=sv_subnav_goldbox_2
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/b/?ie=UTF8&node=3059207011&ref_=sv_subnav_goldbox_4
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/b/?node=2658409011
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=cItem.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=error.button.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=item.image.src%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/%3C%23=link.url%20%23%3E?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/%3C%23=row.url%20%23%3E?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/aw/ol/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/aw/ol/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/aws/ssop?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/b2b-rd?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=error.button.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/cart/%3C%23=item.image.src%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/css/homepage.html?ref=youraccount_asns_bc
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/customer-media/actions/delete/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/customer-media/actions/edit-caption/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/customer-media/upload?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/digital/fiona/manage?ref_=footer_myk
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/gc/widget?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/gfix?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/help/customer/display.html/ref=ord_cart_lm?nodeId=468468
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/help/customer/express/c2c/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/help/customer/express/c2c/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/legacy-handle-buy-box.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/lhb-adaptor/handle-buy-box/136-8493707-0325261?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/music/clipserve?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/music/wma-pop-up?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/offer-listing/
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/offer-listing/9000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/offer-listing/?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/offer-listing/B000?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/pdp/invitation/invite?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/redirect.html?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/richpub/listmania/fullview/R1XIHQVKXSKBNJ?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/richpub/listmania/fullview/R3HQ5WJSZK6QSO?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/rl/settings?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/site-directory?ref_=nav_em_js_disabled&ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/slredirect?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/watchlist/ref%3Datv_auth_red_aft
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/gp/voting/?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/gp/yourstore/recs/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/music/prime/signup?cancelRedirectURL=L211c2ljL3ByaW1l&notNowRedirectURL=L211c2ljL3ByaW1l&redirectURL=L211c2ljL3BsYXllcg&ref_=dm_lnd_pm_pmtr_11f73476
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/music/unlimited/signup?notNowRedirectURL=L211c2ljL3VubGltaXRlZA%3D%3D&ref_=dm_lnd_hf_hfsgn_aab71000
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/music/unlimited/why-hd?view=spatial-audio
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/outlet/?_encoding=UTF8&ref_=sv_subnav_goldbox_3
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/registries/
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/registries/%3C%23=item.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/registries/%3C%23=row.url%20%23%3E
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/registries/holiday?ref_=gr-landing-holiday
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/registries/pet?ref_=gr-landing-pet
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/registries?ref_=wedding_subnav
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/rss/people/*/reviews
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id
Attack
Evidence 147-4280155-9611859
Other Info cookie:session-id
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/rss/people/*/reviews?ue_back=1
Method GET
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
URL https://www.amazon.com/wedding/mp/featuredcollections?ref_=wedding_subnav
Method GET
Parameter session-token
Attack
Evidence PhvvRLPZjgKs1trOfUnEG0Vq5VDmvQwDvSaVHwexLY5hWln0hWo2GUUgDMFeFUakJ1MybFYzGO1PE5zCVXUatoqf0ySiFlK7eoIYT/AULFHjdsMefzvQ4oUG0+xfkqFx98qGIOcgynRe7EbjulIQhB+fee4aLJrSAB8E8J67UFOBV4/DvANjS94El+yLTmjnowtNg1C7FzlAlJaGtNzb4P9RGIyHFLFoX5aUAwS0wKZadLPmf1DMTlBWsVEmZqKcuU9DmD6hRK7/aNVEHdgOgHUPuGhaQEWRnQIJryhyUUquEsTepHpUJuGgqmDZyXlPqUgVp7zJH9fSP9HsAQv4ncVmE3PV9WX2
Other Info cookie:session-token
URL https://www.amazon.com/wedding/search?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/wedding/shop/top-100?ref_=wedding_subnav
Method GET
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.google.com/
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=JEhClBETtkU0oBdIyDcRBljs6i4ROdvxmGAaUnexOlFsoc4dM2tE2a-K2ZwMZbxW4fOIdCNymEqw5kH_nnLTk4YlcvaQo28mKMd2M-y6s2eKmTzPyDruHoKiLDIe47-NgUi-RWT7EG6T14igxzPjuu9BX9kQIiFvfEMSkRuXliE
Other Info cookie:__Secure-ENID
URL https://www.google.com/
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=knmx-d6YsQWKLUclBOv3foXMdABzZHO9epCo4xhtP7acpqb1m8fuTZH9ybTytVjGPoEmRSY8MVtjMaEabLjJrx5puwUfFs5qza11UHJjRXjnPPPRRxoLNd0uJSW5bBa-OYDbSAG55bF-yyR293QiADECble3zJ26kfnsX2Cbrt0
Other Info cookie:__Secure-ENID
URL https://www.google.com/
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=r9sQFMoD3tZtpm9NUUXjo6wIWM6sU2J2hJeCgWjL-YxHKQIMygJsNhKCyM2xfhy6aurcVGqH8Roj1cDr_gybMzLw-rZjHgFKBXZBw7TKHAbMNEpzPWRIq431zpCQpxKy8WLUW12IoPfUCj0z2AF_5O2_HN4JD-99VxtZiPPq4VE
Other Info cookie:__Secure-ENID
URL https://www.google.com/
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=u6g2Igiy9eOanbsxYDniHNlPCPlYETNDNh0dqLRIvqmol6GHGhoTzzF9Dsmek6kjaLwrDX2XudS8vW9o3eBNepCp-8i9ZzbAyG9YAy4f0OjzAmFHblnwxmgNEFp6nEUzElcRk56FlOd0zCbU8pMty4sfEPxyf3dJEekPp_ZTF54
Other Info cookie:__Secure-ENID
URL https://www.google.com/
Method GET
Parameter AEC
Attack
Evidence Ackid1QnLOJ1JEXoiZ3V3pMfv2Rf_kBbxo2LZkMbq0M2jIGc7yUxfW9KoEo
Other Info cookie:AEC
URL https://www.google.com/
Method GET
Parameter AEC
Attack
Evidence Ackid1SDNUOYi1S1W2xp3LUpZjyPTcXt2zAk4mx9HfGvn223l_910oUD1fI
Other Info cookie:AEC
URL https://www.google.com/
Method GET
Parameter AEC
Attack
Evidence Ackid1Seb2bV26xMxx3fbwu1YPzevChA44cBaUlPivw78_6jvSTQavp_Bw
Other Info cookie:AEC
URL https://www.google.com/
Method GET
Parameter AEC
Attack
Evidence Ackid1TQXh5mfxEjybeXiuyD-PtodkRHsROmljsWwKiLvOWukM2qS1Lue6E
Other Info cookie:AEC
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+172
Other Info cookie:CONSENT
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+698
Other Info cookie:CONSENT
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+749
Other Info cookie:CONSENT
URL https://www.google.com/
Method GET
Parameter CONSENT
Attack
Evidence PENDING+813
Other Info cookie:CONSENT
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=BfptuzASiJ52VtO4glBuRdZ-3IUVJqoVRqB7PLaB6MMFYSB07aZQQj4D6oOXRGsV7v40Jd4voC6qPJHugE3Mh99pW0ooZX3poH0Nwm7pBaQ7v-RO-gloOeSLdGLkld3XoVDpRCwcVFVU6hbTGiaOjiAEKQK7MvAsvaVpGU_X5newAHcoqlgmcEknHAHaoV8
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=IBgXpmy9HoUh6i-PfsNOsOuM_UxREkicyzsSXmPAJjSMQC30azy9wTXtLV-_THewxCWEVahaaPDcxuILiiMjF0d3YCyNHSF9z5BNL6HAL-slW_1O1Ela1lfZtJlHOyQYRhOiZt7XBxgsKC9ebF7j66wvg3vZh3APo8wflA774lGRLtk9zw3vTl54hvcYuKTI
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=KkKILj-VDPB7VyW3jbgDdyOzjGjgSGZakV_peBB1-b5N2T3-MkIDoUBm3J3YMo7L6LRxN5YUMeQgEva4PuAGyQSWxMmRtN6UV2XGzFGZ9KXm3luWdyAu4G3g--7fo_HD7ukQw1N6xNUaAkDv1dtny1CXVgnYKk51DVZUXplXTPTahk4p3u05NLbqdCaiu-4_
Other Info cookie:__Secure-ENID
URL https://www.google.com/client_204?cs=2&opi=89978449
Method GET
Parameter __Secure-ENID
Attack
Evidence 16.SE=YHdrjhl60LnJLG_qLWfZMcVvkgtmpsWkTGesHOMk4oKpe_gL6xYOBgVjnmUWu5GtQpH4mT4ACo68SgRbuAT0N3-_9_8MswsVLuuduorLEz9ITolmiwi5YV-I58jV1Fx671i80SLpN1FiKy1vLuVvGltwVOh7qcVGMNHlgb6SBd69LGn_fm6Nh1tcOtRcj4GU
Other Info cookie:__Secure-ENID
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter NID
Attack
Evidence 511=WRXNjR8uYqa33LiFFztn5VvA8uFq6llIzNmzsIHshZyMnC6rI4uryxQTfbydYI2_B83aICvQ_PV-9OK6NRh3YmQHQBmmyIytc8nn9mvxGgPw-TcdVs8B2GkaXgPPNGs7turDQw6UcILfRE2SiBNIiORsklWS3BzDBUzP7YRBQItERz3IcBJIyaGL6vNU
Other Info cookie:NID
URL https://consent.google.com/save?continue=https://www.google.com/&gl=BG&m=0&pc=shp&x=5&src=2&hl=en&bl=gws_20231204-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
Method POST
Parameter SOCS
Attack
Evidence CAISHAgBEhJnd3NfMjAyMzEyMDQtMF9SQzEaAmVuIAEaBgiA876rBg
Other Info cookie:SOCS
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter session-id-time
Attack
Evidence 2082787201l
Other Info cookie:session-id-time
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter ubid-main
Attack
Evidence 134-9805331-2128027
Other Info cookie:ubid-main
Instances 398
Solution
This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/session-mgmt-id
CWE Id
WASC Id
Plugin Id 10112
Informational
User Controllable Charset
Description
This check looks at user-supplied input in query string parameters and POST data to identify where Content-Type or meta tag charset declarations might be user-controlled. Such charset declarations should always be declared by the application. If an attacker can control the response charset, they could manipulate the HTML to perform XSS or other attacks. For example, an attacker controlling the <meta> element charset value is able to declare UTF-7 and is also able to include enough user-controlled payload early in the HTML document to have it interpreted as UTF-7. By encoding their payload with UTF-7 the attacker is able to bypass any server-side XSS protections and embed script in the page.
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter ie
Attack
Evidence
Other Info A(n) [META] tag [Content-Type] attribute The user input found was: ie=UTF-8 The charset value it controlled was: UTF-8
Instances 1
Solution
Force UTF-8 in all charset declarations. If user-input is required to decide a charset declaration, ensure that only an allowed list is used.
Reference
CWE Id 20
WASC Id 20
Plugin Id 10030
Informational
User Controllable HTML Element Attribute (Potential XSS)
Description
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
URL https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter *Version*
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: *Version*=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8
Method GET
Parameter *Version*
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: *Version*=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter showRmrMe
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dfooter_yo&pageId=webcs-yourorder&showRmrMe=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showRmrMe=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter showRmrMe
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_AccountFlyout_orders&pageId=webcs-yourorder&showRmrMe=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showRmrMe=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1
Method GET
Parameter showRmrMe
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fcss%2Forder-history%3Fie%3DUTF8%26ref_%3Dnav_orders_first&pageId=webcs-yourorder&showRmrMe=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showRmrMe=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon
Method GET
Parameter pageId
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/ap/signin?language=en_US&openid.assoc_handle=amzn_swa_desktop_na&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fhz5%2Fyourmembershipsandsubscriptions%3Fref_%3Dnav_AccountFlyout_digital_subscriptions&pageId=amazon appears to include user input in: a(n) [i] tag [aria-label] attribute The user input found was: pageId=amazon The user-controlled value was: amazon
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: keywords=ZAP The user-controlled value was: zap mask ztox softness nourish discipline professional use 950g/33.51 oz
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: keywords=ZAP The user-controlled value was: zap me leva black and detox kit 2l | brazilian keratin treatment | progressive brush | smoothing system | frizzy free | volum
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: keywords=ZAP The user-controlled value was: zap
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [input] tag [data-qid] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [input] tag [data-sr] attribute The user input found was: sr=8-13 The user-controlled value was: 8-13
URL https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Capillary-Zap-Professional-Eliminates-33-51fl-oz/dp/B079QZ9TQG/ref=sr_1_13?keywords=ZAP&qid=1701867726&sr=8-13 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: sr=8-13 The user-controlled value was: 8-13
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [div] tag [data-csa-c-asin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [div] tag [data-detailPageAsin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [input] tag [data-asin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [li] tag [data-csa-c-item-id] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [li] tag [data-defaultAsin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b/ The user-controlled value was: /b/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b/ The user-controlled value was: /b/?_encoding=utf8&ld=azussoa-sell&node=12766669011&ref_=nav_cs_sell
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b/ The user-controlled value was: /b/?node=18190131011&ld=azussoa-seemore&ref_=footer_seemore
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b The user-controlled value was: /b
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b The user-controlled value was: /b/?_encoding=utf8&ld=azussoa-sell&node=12766669011&ref_=nav_cs_sell
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b The user-controlled value was: /b/?node=18190131011&ld=azussoa-seemore&ref_=footer_seemore
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fb&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/b The user-controlled value was: /business?ref_=footer_retail_b2b
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/country The user-controlled value was: /customer-preferences/country
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fcountry&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/country The user-controlled value was: /customer-preferences/country?ie=utf8&preferencesreturnurl=%2f&ref_=footer_icp_cp
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/edit The user-controlled value was: /customer-preferences/edit
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/edit The user-controlled value was: /customer-preferences/edit?ie=utf8&preferencesreturnurl=%2f&ref_=footer_lang
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/edit The user-controlled value was: /customer-preferences/edit?ie=utf8&preferencesreturnurl=%2f&ref_=topnav_lang_ais
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fcustomer-preferences%2Fedit&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/customer-preferences/edit The user-controlled value was: /customer-preferences/edit?ie=utf8&ref_=footer_cop&preferencesreturnurl=%2fcustomer-preferences%2fedit
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3DcItem.url%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=cItem.url%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=citem.url%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Derror.button.url%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=error.button.url%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=error.button.url%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.image.src%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=item.image.src%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=item.image.src%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Ditem.url%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=item.url%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=item.url%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Dlink.url%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=link.url%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=link.url%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2F%253C%2523%3Drow.url%2520%2523%253E&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/%3C%23=row.url%20%23%3E The user-controlled value was: /gcx/-/gfhz/%3c%23=row.url%20%23%3e
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/add-wishlist The user-controlled value was: /gcx/-/gfhz/add-wishlist
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2F-%2Fgfhz%2Fget&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/-/gfhz/get The user-controlled value was: /gcx/-/gfhz/get
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgcx%2FGifts-for-Adults%2Fgfhz%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gcx/Gifts-for-Adults/gfhz/ The user-controlled value was: /gcx/gifts-for-adults/gfhz/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gift-cards/b/ The user-controlled value was: /gift-cards/b/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgift-cards%2Fb%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gift-cards/b/ The user-controlled value was: /gift-cards/b/?ie=utf8&node=2238192011&ref_=nav_cs_gc
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=10232440011&ref_=footer_reload_us
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=16115931011&ref_=nav_cs_registry
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=16218619011&ref_=footer_swp
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=2102313011&ref_=footer_devices
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=230659011&ref_=footer_amazonglobal
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fbrowse.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/browse.html The user-controlled value was: /gp/browse.html?node=388305011&ref_=footer_tfx
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/cart/view.html The user-controlled value was: /gp/cart/view.html
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fcart%2Fview.html&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/cart/view.html The user-controlled value was: /gp/cart/view.html?ref_=nav_cart
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/goldbox The user-controlled value was: /gp/goldbox
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fgoldbox&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/goldbox The user-controlled value was: /gp/goldbox?ref_=nav_cs_gb
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/history/ The user-controlled value was: /gp/history/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fhistory&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/history The user-controlled value was: /gp/history
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fwedding%2Fhomepage%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/wedding/homepage/ The user-controlled value was: /gp/wedding/homepage/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore%2Frecs%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/yourstore/recs/ The user-controlled value was: /gp/yourstore/recs/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fgp%2Fyourstore&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp/yourstore The user-controlled value was: /gp/yourstore
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fhz%2Fwishlist%2Fintro&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/hz/wishlist/intro The user-controlled value was: /hz/wishlist/intro
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Fprime&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/music/prime The user-controlled value was: /music/prime
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fmusic%2Funlimited&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/music/unlimited The user-controlled value was: /music/unlimited
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/privacyprefs The user-controlled value was: /privacyprefs
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fprivacyprefs&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/privacyprefs The user-controlled value was: /privacyprefs?ref_=footer_iba
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries%2F&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/registries/ The user-controlled value was: /registries/
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fregistries&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/registries The user-controlled value was: /registries
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/s The user-controlled value was: /s
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/s The user-controlled value was: /services?ref_=footer_services
URL https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?ie=UTF8&preferencesReturnUrl=%2Fs&ref_=footer_cop appears to include user input in: a(n) [form] tag [action] attribute The user input found was: preferencesReturnUrl=/s The user-controlled value was: /s/ref=nb_sb_noss
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/bit/ref=footer_bit_v2_us_a0029?bitcampaigncode=a0029
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=10232440011&ref_=footer_reload_us
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=14498690011&ref_=amzn_nav_ftr_swa
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=16115931011&ref_=nav_cs_registry
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=16218619011&ref_=footer_swp
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=2102313011&ref_=footer_devices
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=230659011&ref_=footer_amazonglobal
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/browse.html?node=388305011&ref_=footer_tfx
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/cart/view.html?ref_=nav_cart
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/css/order-history?ref_=nav_orders_first
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/css/returns/homepage.html?ref_=footer_hy_f_4
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/digital/fiona/manage?ref_=footer_myk
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/goldbox?ref_=nav_cs_gb
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/accessibility
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=468496&ref_=footer_privacy
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=468520&ref_=footer_shiprates
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=508088&ref_=footer_cou
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=508510&ref_=footer_gw_m_b_he
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=508510&ref_=nav_cs_customerservice
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/help/customer/display.html?nodeid=gdfu3js5al6syhrd&ref_=footer_covid
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/history
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/seller-account/mm-summary-page.html?ld=azfooterselfpublish&topic=200260520&ref_=footer_publishing
URL https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp
Method GET
Parameter preferencesReturnUrl
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/customer-preferences/edit?preferencesReturnUrl=/gp appears to include user input in: a(n) [a] tag [href] attribute The user input found was: preferencesReturnUrl=/gp The user-controlled value was: /gp/site-directory?ref_=nav_em_js_disabled
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/167182c2?showvariations=true
URL https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/167182c2/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09QXYQX98&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/34f9f54f?showvariations=true
URL https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/34f9f54f/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07WXNHVXH&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/3dc525f9?showvariations=true
URL https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3dc525f9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09SK96KRS&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/3f419c53?showvariations=true
URL https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/3f419c53/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B072NHMG4N&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/4ec3d466?showvariations=true
URL https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/4ec3d466/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09N9ZN578&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/6bdcecff?showvariations=true
URL https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/6bdcecff/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0B2SH4CN6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/7157647b?showvariations=true
URL https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7157647b/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CFZ5F9J2&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/7ab43e26?showvariations=true
URL https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/7ab43e26/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CD8YMKWC&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/88a18097?searchalias=fashion&showvariations=true
URL https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/88a18097/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B09H7LPV13&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&searchAlias=fashion&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/95b69251?showvariations=true
URL https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/95b69251/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B003VWXZQ0&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/b643ddf8?showvariations=true
URL https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/b643ddf8/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0941PVLYN&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/cf754241?showvariations=true
URL https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/cf754241/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B0CGTD5KVT&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/d0783fb4?showvariations=true
URL https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/d0783fb4/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B00QNWEOA6&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: showVariations=true The user-controlled value was: https://www.amazon.com/deal/e8f7ddb9?showvariations=true
URL https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true
Method GET
Parameter showVariations
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/deal/e8f7ddb9/?_encoding=UTF8&content-id=amzn1.sym.3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pd_rd_i=B07VM1HQ87&pd_rd_r=44a6bc4c-b505-4da2-8565-050e933fa24c&pd_rd_w=bGbAh&pd_rd_wg=amCmC&pf_rd_p=3c339ec0-ad4b-45f2-b5a2-5ce0a481c929&pf_rd_r=QVAAGKRY13968VZP707Y&showVariations=true appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: showVariations=true The user-controlled value was: true
URL https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO
Method GET
Parameter ie
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO appears to include user input in: a(n) [meta] tag [charset] attribute The user input found was: ie=UTF-8 The user-controlled value was: utf-8
URL https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/EIOTCLUB-Prepaid-LTE-Cellular-Card/dp/B096X8471C/ref=nta-top-sellers_d_sccl_1_8/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=%2Bw%2BSZ5NKCNicxUMlC%2Bk0dQ%3D%3D&amzn-r=%2Fref%3Dnav_logo&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ref=nav_logo The user-controlled value was: /ref=nav_logo
URL https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=%2F3fuOxEhwt63ufV6T0bxcA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fyourstore%2f%3fie%3dutf8%26ref_%3dnav_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=03tZvbYvlNFf2acq5oHUcQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fwrite-a-review.html%3Fue_back%3D1&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/customer-reviews/write-a-review.html?ue_back=1 The user-controlled value was: /gp/customer-reviews/write-a-review.html?ue_back=1
URL https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=08uZdACqvtGgyluS825gmg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/video/mystuff The user-controlled value was: /gp/video/mystuff
URL https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=0Lihl1baWvhf6TOkXodwsA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/rate-this-item The user-controlled value was: /gp/product/rate-this-item
URL https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=0YOsOdJkoTlrb2JQ0RFSDA%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/orc/rml/ The user-controlled value was: /gp/orc/rml/
URL https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=1QT5N1E%2BoHYA3uY20Z45Qw%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/manual-submit/ The user-controlled value was: /dp/manual-submit/
URL https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=2%2BTC4M6etm0GUm88X8TuOQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin The user-controlled value was: /ap/signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=2UjxEKDb5KJ%2F9hQYTEgkuA%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ss/customer-reviews/lighthouse/ The user-controlled value was: /ss/customer-reviews/lighthouse/
URL https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=3c9Q%2BP%2FBegFwrtaVnNB7JQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgcx%2f-%2fgfhz%2fadd-wishlist%2f%3f_encoding%3dutf8%26ref_%3dnav_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=3LujxYM0A0USyG2OFfjV7w%3D%3D&amzn-r=%2Fref%3Dcs_503_link&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ref=cs_503_link The user-controlled value was: /ref=cs_503_link
URL https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=3v%2FH%2F%2Fp8hxS87L1CRjIe8g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 The user-controlled value was: /132-3165371-6872408?%2aversion%2a=1&%2aentries%2a=0&ie=utf8
URL https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=4L6GAxTLeRFZV1Ql%2F0XDbg%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 The user-controlled value was: /145-5865731-3714800?%2aversion%2a=1&%2aentries%2a=0&ie=utf8
URL https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=5PEpbY7VE%2Fx%2BF4QsbQCCsA%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/video/settings The user-controlled value was: /gp/video/settings
URL https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=5wtQMuRaMjiNWnLNzrc%2FVQ%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/en$ The user-controlled value was: /-/en$
URL https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=7fi5ByKad%2BdcvxZljfMzqA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fyourstore%2f%3fie%3dutf8%26ref_%3dnav_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=89kxzNpqpBqZafLdlFX0nQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgcx%2f-%2fgfhz%2fadd-wishlist%2f%3f_encoding%3dutf8%26ref_%3dnav_custrec_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=8T23TyPKJ9nYw28W4EnfEw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/rate-this-item The user-controlled value was: /gp/product/rate-this-item
URL https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=95jTc%2Fjf17cFyeMo2q5R7g%3D%3D&amzn-r=%2F-%2Fen%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/en$ The user-controlled value was: /-/en$
URL https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=97fM1dyt3h9Jc6nkywTmLA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fhistory%2f%3fie%3dutf8%26ref_%3dnav_custrec_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=9AQHcF15x6pT5YUsFxlgBg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fhistory%2f%3fie%3dutf8%26ref_%3dnav_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=9dkyynGR9nYfowg38vfKbQ%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/zh_TW$ The user-controlled value was: /-/zh_tw$
URL https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=9OGFBL46Q7pNVyNctgZC0w%3D%3D&amzn-r=%2Fhz%2Fmycd%2Fmyx%3FpageType%3Dcontent%26ref_%3Dnav_AccountFlyout_myk&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk The user-controlled value was: /hz/mycd/myx?pagetype=content&ref_=nav_accountflyout_myk
URL https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=9Z05sBM3FDHZbxQkWsnZ0Q%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/e-mail-friend/ The user-controlled value was: /dp/e-mail-friend/
URL https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=apEvdI6SD8q8%2Bj6RqXItyg%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/product-reviews/B0069IY63Y The user-controlled value was: /product-reviews/b0069iy63y
URL https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=BdXJNklVh%2FTo3oUFbCnlxg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/reviews/iframe The user-controlled value was: /reviews/iframe
URL https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=BMw1tPBj4bD27JeQvJERag%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/shipping/ The user-controlled value was: /dp/shipping/
URL https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=c2HyZR58QutNLD12xni6Nw%3D%3D&amzn-r=%2Fss%2Fcustomer-reviews%2Flighthouse%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ss/customer-reviews/lighthouse/ The user-controlled value was: /ss/customer-reviews/lighthouse/
URL https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=C7pO3cDUAWU%2FidqGpXFrjg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fiyr%2F%3Fie%3DUTF8%26ref_%3Dsv_ys_3&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/yourstore/iyr/?ie=UTF8&ref_=sv_ys_3 The user-controlled value was: /gp/yourstore/iyr/?ie=utf8&ref_=sv_ys_3
URL https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=cHeprgreEvleNxcpw6qQ7g%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub The user-controlled value was: /ap/signin?language=en_us&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3a%2f%2fwww.amazon.com%2fcreatorhub
URL https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=Czxv0r4fsgCtUApC77nCZA%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/he/ The user-controlled value was: /-/he/
URL https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=D2GoufXGvut9%2FZMuYkd9sQ%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fauth-redirect%2Fref%3Datv_auth_red_bef%3FreturnUrl%3D%2Fgp%2Fvideo%2Fmystuff%2Fref%253Datv_auth_red_aft&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/video/auth-redirect/ref=atv_auth_red_bef?returnUrl=/gp/video/mystuff/ref%3Datv_auth_red_aft The user-controlled value was: /gp/video/auth-redirect/ref=atv_auth_red_bef?returnurl=/gp/video/mystuff/ref%3datv_auth_red_aft
URL https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=DnotI5d00ATvL%2FoB2Njr5w%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Flanguage%3DEN_US%26openid.assoc_handle%3Damzn_creatorportal_mobile_us%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D3600%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fcreatorhub%252F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?language=EN_US&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fcreatorhub%2F The user-controlled value was: /ap/signin?language=en_us&openid.assoc_handle=amzn_creatorportal_mobile_us&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=3600&openid.return_to=https%3a%2f%2fwww.amazon.com%2fcreatorhub%2f
URL https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=E%2FKdDDIE0Gs6JwlreVZSrg%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/he$ The user-controlled value was: /-/he$
URL https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=eJOcfxJSLiZ0gj%2BmnQ4giQ%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/product-availability/ The user-controlled value was: /dp/product-availability/
URL https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=eSdz%2BgPr%2BBR7xoxjOIfsSw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/e-mail-friend The user-controlled value was: /gp/product/e-mail-friend
URL https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=ESObOh2M%2BMzmGyC8otRToQ%3D%3D&amzn-r=%2F145-5865731-3714800%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/145-5865731-3714800?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 The user-controlled value was: /145-5865731-3714800?%2aversion%2a=1&%2aentries%2a=0&ie=utf8
URL https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=f5ESAwpSkihjQPIl%2Bs9hlA%3D%3D&amzn-r=%2F%3Fref_%3Dfooter_logo&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/?ref_=footer_logo The user-controlled value was: /?ref_=footer_logo
URL https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=FcYso%2F%2BzwFW3yW%2B%2Fwf7JMg%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/customer-reviews/dynamic/sims-box The user-controlled value was: /gp/customer-reviews/dynamic/sims-box
URL https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=fFfU2T%2FD4%2FQzYRxmhnr52g%3D%3D&amzn-r=%2F-%2Fhe%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/he$ The user-controlled value was: /-/he$
URL https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=Ffm%2BNimpxLDgRmnUlPCD%2FA%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/e-mail-friend The user-controlled value was: /gp/product/e-mail-friend
URL https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=ha10fxEJzSh0nMyxhNHj8Q%3D%3D&amzn-r=%2Fdp%2Fshipping%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/shipping/ The user-controlled value was: /dp/shipping/
URL https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=HbRcpcErDWcoTPiIjQDrsw%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fdynamic%2Fsims-box&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/customer-reviews/dynamic/sims-box The user-controlled value was: /gp/customer-reviews/dynamic/sims-box
URL https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=hWVbQrVPP60R%2FMEYDNFUqg%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fyourstore%2f%3fie%3dutf8%26ref_%3dnav_custrec_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=IBfhlLDppwFRNkZKaih9Tw%3D%3D&amzn-r=%2Fb%2F%3F_encoding%3DUTF8%26ld%3DAZUSSOA-sell%26node%3D12766669011%26ref_%3Dnav_cs_sell&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/b/?_encoding=UTF8&ld=AZUSSOA-sell&node=12766669011&ref_=nav_cs_sell The user-controlled value was: /b/?_encoding=utf8&ld=azussoa-sell&node=12766669011&ref_=nav_cs_sell
URL https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=ic88goIdY908wj6AsV8uHQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fyourstore%2f%3fie%3dutf8%26ref_%3dnav_ya_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=IgYhIcpecxxWcC1CwgCm6w%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/cdp/member-reviews/ The user-controlled value was: /gp/cdp/member-reviews/
URL https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=IKULlAVXx5%2B3JVfsoGdx7A%3D%3D&amzn-r=%2Fgp%2Forc%2Frml%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/orc/rml/ The user-controlled value was: /gp/orc/rml/
URL https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=itO3%2BJP6Ug64elgLVDhWQQ%3D%3D&amzn-r=%2Fgp%2Fcdp%2Fmember-reviews%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/cdp/member-reviews/ The user-controlled value was: /gp/cdp/member-reviews/
URL https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=jGyPq5xFSGjtlCbvS8hq8Q%3D%3D&amzn-r=%2Fdp%2Fmanual-submit%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/manual-submit/ The user-controlled value was: /dp/manual-submit/
URL https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=L5KXWOaTj0isegvpVanBeg%3D%3D&amzn-r=%2Fgp%2Fyourstore%2Fhome%2F%3Fie%3DUTF8%26ref_%3Dtopnav_storetab_ys&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/yourstore/home/?ie=UTF8&ref_=topnav_storetab_ys The user-controlled value was: /gp/yourstore/home/?ie=utf8&ref_=topnav_storetab_ys
URL https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=lmOkLtqxprRCC9EF%2FZOFHQ%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/customer-reviews/common/du The user-controlled value was: /gp/customer-reviews/common/du
URL https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=moJ2W1sEIk5sorRfxeE4jw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fe-mail-friend&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/e-mail-friend The user-controlled value was: /gp/product/e-mail-friend
URL https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=nC%2BIi4ovQgV0mddORPTlFg%3D%3D&amzn-r=%2F-%2Fzh_TW%24&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/zh_TW$ The user-controlled value was: /-/zh_tw$
URL https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=NprXEQdwV%2BMflR6xPECeGA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_custrec_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgcx%2f-%2fgfhz%2fadd-wishlist%2f%3f_encoding%3dutf8%26ref_%3dnav_custrec_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=oCXu0M3f0U%2BzmrEAPhaLTQ%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/rate-this-item/ The user-controlled value was: /dp/rate-this-item/
URL https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=ODTLp74NeoowmDKyrtofhQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fyourstore%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fyourstore%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fyourstore%2f%3fie%3dutf8%26ref_%3dnav_custrec_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=PBV26dQb2Y1INzjq5mIGOg%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fmystuff&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/video/mystuff The user-controlled value was: /gp/video/mystuff
URL https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=qJp9aWa6EQ0ORMOoPRQ6RA%3D%3D&amzn-r=%2Fdp%2Frate-this-item%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/rate-this-item/ The user-controlled value was: /dp/rate-this-item/
URL https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=qootGElqNGNfpg%2Bx7sUGqw%3D%3D&amzn-r=%2Fgp%2Fvideo%2Fsettings&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/video/settings The user-controlled value was: /gp/video/settings
URL https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=r6Uog%2FdbGV4fFmxHdfuShg%3D%3D&amzn-r=%2Freviews%2Fiframe&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/reviews/iframe The user-controlled value was: /reviews/iframe
URL https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=RjMI0bt%2BzVNA3JMjMzJg2Q%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fregister%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_newcust&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_newcust The user-controlled value was: /ap/register?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgcx%2f-%2fgfhz%2fadd-wishlist%2f%3f_encoding%3dutf8%26ref_%3dnav_newcust
URL https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=roxXxt79k1e3OYCnTuWDqQ%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_custrec_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_custrec_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fhistory%2f%3fie%3dutf8%26ref_%3dnav_custrec_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=sM62fbadJtqMKBmZutzqTQ%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/product-availability The user-controlled value was: /gp/product/product-availability
URL https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=SOJEh0g5GNh3yz21vEi58w%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/zh_TW/ The user-controlled value was: /-/zh_tw/
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/es/ The user-controlled value was: /-/es/
URL https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=TPrVoS7TZJKBS8yyPCheYw%3D%3D&amzn-r=%2F-%2Fhe%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/he/ The user-controlled value was: /-/he/
URL https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=TWOp0asBI%2FWBWTIkLTtsjA%3D%3D&amzn-r=%2Fgp%2Fcustomer-reviews%2Fcommon%2Fdu&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/customer-reviews/common/du The user-controlled value was: /gp/customer-reviews/common/du
URL https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=UHco0R4f7vMNkEDM0GQbJA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fhistory%2f%3fie%3dutf8%26ref_%3dnav_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=uppjsyIHBaraQddL4MAISw%3D%3D&amzn-r=%2F-%2Fes%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/es/ The user-controlled value was: /-/es/
URL https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=Uqe%2Bj44L232HSBHTqi%2FQzA%3D%3D&amzn-r=%2Fap%2Fsignin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin The user-controlled value was: /ap/signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=UQmQcTwDE1aALXI5YMgUmg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/socialmedia/giveaways The user-controlled value was: /gp/socialmedia/giveaways
URL https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=v74vI2HNtwdsMew0%2BCa4yg%3D%3D&amzn-r=%2Fgp%2Fentity-alert%2Fexternal%3Fue_back%3D1&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/entity-alert/external?ue_back=1 The user-controlled value was: /gp/entity-alert/external?ue_back=1
URL https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=VMnQX6Wwf9aoBCz%2FnmLPHg%3D%3D&amzn-r=%2Fref%3Dcs_503_logo&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ref=cs_503_logo The user-controlled value was: /ref=cs_503_logo
URL https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=VpYg%2FzqJm%2BlfCHmQSz%2Bi%2FA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgcx%252F-%252Fgfhz%252Fadd-wishlist%252F%253F_encoding%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgcx%2F-%2Fgfhz%2Fadd-wishlist%2F%3F_encoding%3DUTF8%26ref_%3Dnav_ya_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgcx%2f-%2fgfhz%2fadd-wishlist%2f%3f_encoding%3dutf8%26ref_%3dnav_ya_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=WKtfmT6sXhu4UctX4MQXpw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/product-availability The user-controlled value was: /gp/product/product-availability
URL https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=wmaWYeM7tTV892Nv5IT%2Brw%3D%3D&amzn-r=%2F-%2Fzh_TW%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/-/zh_TW/ The user-controlled value was: /-/zh_tw/
URL https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=WU2u70mTqqsTO3A7Q01gmQ%3D%3D&amzn-r=%2Fdp%2Fe-mail-friend%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/e-mail-friend/ The user-controlled value was: /dp/e-mail-friend/
URL https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=wW1ICK07PtAJyLMWPtekow%3D%3D&amzn-r=%2Fproduct-reviews%2FB0069IY63Y&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/product-reviews/B0069IY63Y The user-controlled value was: /product-reviews/b0069iy63y
URL https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=xqei7DKY8jFewDqaI%2BL31g%3D%3D&amzn-r=%2F132-3165371-6872408%3F%252AVersion%252A%3D1%26%252Aentries%252A%3D0%26ie%3DUTF8&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/132-3165371-6872408?%2AVersion%2A=1&%2Aentries%2A=0&ie=UTF8 The user-controlled value was: /132-3165371-6872408?%2aversion%2a=1&%2aentries%2a=0&ie=utf8
URL https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=yGcmbher93sEDsbGY%2BmhpA%3D%3D&amzn-pt=AuthenticationPortal&amzn-r=%2Fap%2Fsignin%3Fopenid.assoc_handle%3Dusflex%26openid.claimed_id%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.identity%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%252Fidentifier_select%26openid.mode%3Dcheckid_setup%26openid.ns%3Dhttp%253A%252F%252Fspecs.openid.net%252Fauth%252F2.0%26openid.pape.max_auth_age%3D0%26openid.return_to%3Dhttps%253A%252F%252Fwww.amazon.com%252Fgp%252Fhistory%252F%253Fie%253DUTF8%2526ref_%253Dnav_ya_signin&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fhistory%2F%3Fie%3DUTF8%26ref_%3Dnav_ya_signin The user-controlled value was: /ap/signin?openid.assoc_handle=usflex&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.com%2fgp%2fhistory%2f%3fie%3dutf8%26ref_%3dnav_ya_signin
URL https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=yIpcu%2ByTIT%2BGhSDjfI7iNA%3D%3D&amzn-r=%2Fdp%2Fproduct-availability%2F&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/product-availability/ The user-controlled value was: /dp/product-availability/
URL https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=yu6%2FEfW%2FwPCqmg47siCmZw%3D%3D&amzn-r=%2Fgp%2Fproduct%2Fproduct-availability&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/product-availability The user-controlled value was: /gp/product/product-availability
URL https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=zeQeO2v0hNNZMPEQzdgpPg%3D%3D&amzn-r=%2Fgp%2Fsocialmedia%2Fgiveaways&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/socialmedia/giveaways The user-controlled value was: /gp/socialmedia/giveaways
URL https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=Zl3unZKkp2iFjlOckDEA6Q%3D%3D&amzn-r=%2Fgp%2Fproduct%2Frate-this-item&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/gp/product/rate-this-item The user-controlled value was: /gp/product/rate-this-item
URL https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP
Method GET
Parameter amzn-r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/errors/validateCaptcha?amzn=zWHXuJMe95diKgc3YS%2BIAQ%3D%3D&amzn-r=%2Fdp%2FB07984JN3L%3Fie%3DUTF-8%26plattr%3DACOMFO&field-keywords=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: amzn-r=/dp/B07984JN3L?ie=UTF-8&plattr=ACOMFO The user-controlled value was: /dp/b07984jn3l?ie=utf-8&plattr=acomfo
URL https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Giegxin-Natural-Tropical-Hawaiian-Costume/dp/B0BX2MXBH1/ref=nta-top-sellers_d_sccl_1_2/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc
Method GET
Parameter ref_
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gift-cards/b/?ie=UTF8&node=2238192011&ref_=nav_cs_gc appears to include user input in: a(n) [a] tag [data-csa-c-content-id] attribute The user input found was: ref_=nav_cs_gc The user-controlled value was: nav_cs_gc
URL https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry
Method GET
Parameter ref_
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gp/browse.html?node=16115931011&ref_=nav_cs_registry appears to include user input in: a(n) [a] tag [data-csa-c-content-id] attribute The user input found was: ref_=nav_cs_registry The user-controlled value was: nav_cs_registry
URL https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1
Method GET
Parameter ue_back
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gp/customer-reviews/write-a-review.html?ue_back=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: ue_back=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/gp/entity-alert/external?ue_back=1
Method GET
Parameter ue_back
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gp/entity-alert/external?ue_back=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: ue_back=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb
Method GET
Parameter ref_
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gp/goldbox?ref_=nav_cs_gb appears to include user input in: a(n) [a] tag [data-csa-c-content-id] attribute The user input found was: ref_=nav_cs_gb The user-controlled value was: nav_cs_gb
URL https://www.amazon.com/gp/yourstore/recs/get?ue_back=1
Method GET
Parameter ue_back
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/gp/yourstore/recs/get?ue_back=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: ue_back=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk
Method GET
Parameter pageType
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/hz/mycd/myx?pageType=content&ref_=nav_AccountFlyout_myk appears to include user input in: a(n) [meta] tag [http-equiv] attribute The user input found was: pageType=content The user-controlled value was: content-type
URL https://www.amazon.com/hz/wishlist/get?ue_back=1
Method GET
Parameter ue_back
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/hz/wishlist/get?ue_back=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: ue_back=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Iron-Flame-Empyrean-Rebecca-Yarros/dp/1649374178/ref=nta-top-sellers_d_sccl_1_5/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=1649374178&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Master-Lock-8417D-Python-Keyed/dp/B000XTPNZK/ref=nta-top-sellers_d_sccl_1_3/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Nittaku-3-stars-Premium-Table-Tennis/dp/B017VPIY4U/ref=nta-top-sellers_d_sccl_1_7/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Nokia-Unlocked-Hotspot-Assistant-Charcoal/dp/B08SV2Y7J6/ref=nta-top-sellers_d_sccl_1_6/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter pf_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0 appears to include user input in: a(n) [a] tag [aria-label] attribute The user input found was: pf_rd_i=deals The user-controlled value was: deals on musical instruments outlet - see more
URL https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0
Method GET
Parameter pf_rd_m
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/outlet/ref=OUT_TD_EN_US/ref=cg_outtdad_1a1_w?pf_rd_i=deals&pf_rd_m=ATVPDKIKX0DER&pf_rd_p=292dbca4-faaa-4fd0-88a3-fc3b1cb6f4be&pf_rd_r=QVAAGKRY13968VZP707Y&pf_rd_s=slot-17&pf_rd_t=0 appears to include user input in: a(n) [div] tag [data-marketplaceid] attribute The user input found was: pf_rd_m=ATVPDKIKX0DER The user-controlled value was: atvpdkikx0der
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-id
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [div] tag [data-csa-c-content-id] attribute The user input found was: content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter content-id
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it bug zapper - fly zapper racket - rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it bug zapper battery powered (2xaa included) bug zapper racket, 3,500 volt, 2 pack
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it bug zapper rechargeable bug zapper racket, electric fly swatter, mosquito zapper, 4,000 volt, usb charging cable, 2...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it electric fly swatter racket & mosquito zapper - high duty battery powered 3,500 volt electric bug zapper racket - f...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it electric indoor bug zapper (2,800 volt) plug-in 360 degree mosquito, bug, and insect killer, non-toxic attractant u...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket w/ blue light attractant, 4,000 volt, usb charging cable
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! electric bug zapper lantern - indoor and outdoor plug-in 360 degree mosquito control, insect and fly killers | uv ...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper - high duty 4,000 volt electric bug zapper indoor racket - fly kille...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper - high duty 4,000 volt electric bug zapper racket - fly killer usb r...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper with blue light attractant - high duty 4,000 volt electric bug zappe...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! electric fly swatter racket, mosquito & fly zapper racket - high duty 4,000 volt electric handheld bug zapper rack...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zap it The user-controlled value was: zap it! mini bug zapper - rechargeable mosquito, fly killer and bug zapper racket - flies killer indoor - 4,000 volt - usb...
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=zap it The user-controlled value was: zap it
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [li] tag [aria-label] attribute The user input found was: k=zap it The user-controlled value was: zap it!
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter pd_rd_r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632 The user-controlled value was: a7a5b49a-c952-4229-a6d2-c7291965b632
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter pd_rd_w
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_w=7QdyG The user-controlled value was: 7qdyg
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter pd_rd_wg
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_wg=PvDpR The user-controlled value was: pvdpr
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter pf_rd_p
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: 9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter pf_rd_r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT The user-controlled value was: zwh9fwwdx8kttppvj6ht
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zap+it&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_5 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sugsr_5 The user-controlled value was: sugsr_5
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter content-id
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [div] tag [data-csa-c-content-id] attribute The user input found was: content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter content-id
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=zapper The user-controlled value was: zapper
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=zapper The user-controlled value was: zapper
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter pd_rd_r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632 The user-controlled value was: a7a5b49a-c952-4229-a6d2-c7291965b632
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter pd_rd_w
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_w=7QdyG The user-controlled value was: 7qdyg
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter pd_rd_wg
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pd_rd_wg=PvDpR The user-controlled value was: pvdpr
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter pf_rd_p
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e The user-controlled value was: 9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter pf_rd_r
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT The user-controlled value was: zwh9fwwdx8kttppvj6ht
URL https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s/?content-id=amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e:amzn1.sym.9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&k=zapper&pd_rd_r=a7a5b49a-c952-4229-a6d2-c7291965b632&pd_rd_w=7QdyG&pd_rd_wg=PvDpR&pf_rd_p=9bbe09a5-e2ce-4594-80e8-ad6153d0ea3e&pf_rd_r=ZWH9FWWDX8KTTPPVJ6HT&qid=1701867726&ref=sugsr_4 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sugsr_4 The user-controlled value was: sugsr_4
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_36_5 The user-controlled value was: sr_nr_p_36_5
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter rh
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rh=n:2972638011,p_36:2661616011 The user-controlled value was: n:2972638011,p_36:2661616011
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rnid=2661611011 The user-controlled value was: 2661611011
URL https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3Ah3Jaj5Ppn8moXe4FXxZ%2FPq3k9kbi2jaWw0jDDxGxmPM&k=ZAP&qid=1701867726&ref=sr_nr_p_36_5&rh=n%3A2972638011%2Cp_36%3A2661616011&rnid=2661611011 appears to include user input in: a(n) [ul] tag [data-csa-c-content-id] attribute The user input found was: rnid=2661611011 The user-controlled value was: 2661611011
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_n_feature_two_browse-bin_4 The user-controlled value was: sr_nr_p_n_feature_two_browse-bin_4
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter rh
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rh=n:3738021,p_n_feature_two_browse-bin:116624668011 The user-controlled value was: n:3738021,p_n_feature_two_browse-bin:116624668011
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rnid=116623716011 The user-controlled value was: 116623716011
URL https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AM%2F70U6nXTogKup%2FNLedqQkhWuICxVyxhHQ5vaK93WGU&k=ZAP&qid=1701867726&ref=sr_nr_p_n_feature_two_browse-bin_4&rh=n%3A3738021%2Cp_n_feature_two_browse-bin%3A116624668011&rnid=116623716011 appears to include user input in: a(n) [ul] tag [data-csa-c-content-id] attribute The user input found was: rnid=116623716011 The user-controlled value was: 116623716011
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it bug zapper - fly zapper racket - rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it bug zapper rechargeable bug zapper racket, electric fly swatter, mosquito zapper, 4,000 volt, usb charging cable, 2...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it electric fly swatter racket & mosquito zapper - high duty battery powered 3,500 volt electric bug zapper racket - f...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it electric indoor bug zapper (2,800 volt) plug-in 360 degree mosquito, bug, and insect killer, non-toxic attractant u...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket w/ blue light attractant, 4,000 volt, usb charging cable
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! electric bug zapper lantern - indoor and outdoor plug-in 360 degree mosquito control, insect and fly killers | uv ...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper - high duty 4,000 volt electric bug zapper racket - fly killer usb r...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper with blue light attractant - high duty 4,000 volt electric bug zappe...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! electric fly swatter racket, mosquito & fly zapper racket - high duty 4,000 volt electric handheld bug zapper rack...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap it! mini bug zapper - rechargeable mosquito, fly killer and bug zapper racket - flies killer indoor - 4,000 volt - usb...
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [li] tag [aria-label] attribute The user input found was: k=ZAP The user-controlled value was: zap it!
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_89_1 The user-controlled value was: sr_nr_p_89_1
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter rh
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rh=n:2972638011,p_89:ZAP IT! The user-controlled value was: n:2972638011,p_89:zap it!
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rnid=2528832011 The user-controlled value was: 2528832011
URL https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3ArrbsqbqV2V%2B1OmUPnMEC62aq8ZyoUF7GS5bUlh3Qhxw&k=ZAP&qid=1701867726&ref=sr_nr_p_89_1&rh=n%3A2972638011%2Cp_89%3AZAP+IT%21&rnid=2528832011 appears to include user input in: a(n) [ul] tag [data-csa-c-content-id] attribute The user input found was: rnid=2528832011 The user-controlled value was: 2528832011
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap fitness: proven training methods for distance running success
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: k=ZAP The user-controlled value was: zap squad and the sands of time
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_n_3 The user-controlled value was: sr_nr_n_3
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter rh
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rh=n:2625373011,n:2649512011 The user-controlled value was: n:2625373011,n:2649512011
URL https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011
Method GET
Parameter rnid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?dc&ds=v1%3AyiiXIf5DVcq%2BHp%2BuK6jgmjkS2iPvMY6Q0NBN1Hu9QnE&k=ZAP&qid=1701867726&ref=sr_nr_n_3&rh=n%3A2625373011%2Cn%3A2649512011&rnid=2941120011 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: rnid=2941120011 The user-controlled value was: 2941120011
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap all time progressive brush long-lasting straightening
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap cloth - streak free, spot free - 3 cloths
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap extreme straight formaldehyde free kit 2x1l | brazilian keratin treatment | progressive brush | volume reducer | 100% ...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it bug zapper - fly zapper racket - rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it electric fly swatter racket & mosquito zapper - high duty battery powered 3,500 volt electric bug zapper racket - f...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it electric indoor bug zapper (2,800 volt) plug-in 360 degree mosquito, bug, and insect killer, non-toxic attractant u...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket w/ blue light attractant, 4,000 volt, usb charging cable
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! bug zapper rechargeable bug zapper racket, 4,000 volt, usb charging cable, 2 pack
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! electric bug zapper lantern - indoor and outdoor plug-in 360 degree mosquito control, insect and fly killers | uv ...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper - high duty 4,000 volt electric bug zapper racket - fly killer usb r...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! electric fly swatter racket & mosquito zapper with blue light attractant - high duty 4,000 volt electric bug zappe...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! electric fly swatter racket, mosquito & fly zapper racket - high duty 4,000 volt electric handheld bug zapper rack...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it! mini bug zapper - rechargeable mosquito, fly killer and bug zapper racket - flies killer indoor - 4,000 volt - usb...
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap mask ztox softness nourish discipline professional use 950g/33.51 oz
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap!
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap: a play. revised edition.
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [img] tag [alt] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zapped
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [input] tag [value] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter field-keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [li] tag [aria-label] attribute The user input found was: field-keywords=ZAP The user-controlled value was: zap it!
URL https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?field-keywords=ZAP&ref=cs_503_search appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=cs_503_search The user-controlled value was: cs_503_search
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=zap bottle The user-controlled value was: zap bottle
URL https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+bottle&ref=sr_nr_p_cosmo_multi_pt_19 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_cosmo_multi_pt_19 The user-controlled value was: sr_nr_p_cosmo_multi_pt_19
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=zap bracelet The user-controlled value was: zap bracelet
URL https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+bracelet&ref=sr_nr_p_cosmo_multi_pt_17 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_cosmo_multi_pt_17 The user-controlled value was: sr_nr_p_cosmo_multi_pt_17
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter k
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: k=zap walking stick The user-controlled value was: zap walking stick
URL https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6
Method GET
Parameter ref
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/s?k=zap+walking+stick&ref=sr_nr_p_cosmo_multi_pt_6 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: ref=sr_nr_p_cosmo_multi_pt_6 The user-controlled value was: sr_nr_p_cosmo_multi_pt_6
URL https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Seiddons-Christmas-Velvet-Unisex-Clause/dp/B0BBPJ1PW6/ref=nta-top-sellers_d_sccl_1_1/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1 appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: psc=1 The user-controlled value was: ie=edge,chrome=1
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: keywords=ZAP The user-controlled value was: zap
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35 appears to include user input in: a(n) [input] tag [data-qid] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35 appears to include user input in: a(n) [input] tag [data-sr] attribute The user input found was: sr=8-35 The user-controlled value was: 8-35
URL https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/TREND-ENTERPRISES-Reinforce-Subtraction-Probability/dp/B001JTOOEO/ref=sr_1_35?keywords=ZAP&qid=1701867726&sr=8-35 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: sr=8-35 The user-controlled value was: 8-35
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter keywords
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: keywords=ZAP The user-controlled value was: zap
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40 appears to include user input in: a(n) [input] tag [data-qid] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter qid
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: qid=1701867726 The user-controlled value was: 1701867726
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40 appears to include user input in: a(n) [input] tag [data-sr] attribute The user input found was: sr=8-40 The user-controlled value was: 8-40
URL https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40
Method GET
Parameter sr
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/Zapper-Electric-Indoor-Insect-Mosquito/dp/B01N5TCXWM/ref=sr_1_40?keywords=ZAP&qid=1701867726&sr=8-40 appears to include user input in: a(n) [input] tag [value] attribute The user input found was: sr=8-40 The user-controlled value was: 8-40
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B0BBPJ1PW6 The user-controlled value was: b0bbpj1pw6
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_1_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BBPJ1PW6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B0BBPJ1PW6 The user-controlled value was: b0bbpj1pw6
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B0BX2MXBH1 The user-controlled value was: b0bx2mxbh1
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_2_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BX2MXBH1&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B0BX2MXBH1 The user-controlled value was: b0bx2mxbh1
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B000XTPNZK The user-controlled value was: b000xtpnzk
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_3_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B000XTPNZK&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B000XTPNZK The user-controlled value was: b000xtpnzk
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_4_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B0BB9BMD7F The user-controlled value was: b0bb9bmd7f
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B08SV2Y7J6 The user-controlled value was: b08sv2y7j6
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_6_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B08SV2Y7J6&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B08SV2Y7J6 The user-controlled value was: b08sv2y7j6
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B017VPIY4U The user-controlled value was: b017vpiy4u
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_7_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B017VPIY4U&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B017VPIY4U The user-controlled value was: b017vpiy4u
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [a] tag [data-ux-jq-mouseenter] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-atomic] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-is-sponsored-label-active] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-sponsored] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-use-inline-experience] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [input] tag [value] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [aria-hidden] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter isNeoAddToCart
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [span] tag [data-a-strike] attribute The user input found was: isNeoAddToCart=true The user-controlled value was: true
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter items[0.base][asin]
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: items[0.base][asin]=B096X8471C The user-controlled value was: b096x8471c
URL https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC
Method POST
Parameter pd_rd_i
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/cart/add-to-cart/ref=nta-top-sellers_d_sccl_8_atc_a?_encoding=UTF8&content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B096X8471C&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC appears to include user input in: a(n) [div] tag [data-asin] attribute The user input found was: pd_rd_i=B096X8471C The user-controlled value was: b096x8471c
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter cross-context-behavioral-ads
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/privacyprefs?ref_=footer_iba appears to include user input in: a(n) [input] tag [value] attribute The user input found was: cross-context-behavioral-ads=on The user-controlled value was: on
URL https://www.amazon.com/privacyprefs?ref_=footer_iba
Method POST
Parameter cross-context-behavioral-ads
Attack
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: https://www.amazon.com/privacyprefs?ref_=footer_iba appears to include user input in: a(n) [meta] tag [content] attribute The user input found was: cross-context-behavioral-ads=on The user-controlled value was: on
Instances 438
Solution
Validate all input and sanitize output it before writing to any HTML attributes.
Reference http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute
CWE Id 20
WASC Id 20
Plugin Id 10031
Informational
User Controllable JavaScript Event (XSS)
Description
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
URL https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1
Method GET
Parameter psc
Attack
Evidence
Other Info User-controlled javascript event(s) was found. Exploitability will need to be manually determined. The page at the following URL: https://www.amazon.com/Christmas-Adults-Velvet-Winter-Costume/dp/B0BB9BMD7F/ref=nta-top-sellers_d_sccl_1_4/147-4280155-9611859?content-id=amzn1.sym.6a66b90b-ff21-4adc-933b-819537ba9583&pd_rd_i=B0BB9BMD7F&pd_rd_r=b2bea4d0-6675-424f-a5a8-84f64d340639&pd_rd_w=gF1gR&pd_rd_wg=6xF9n&pf_rd_p=6a66b90b-ff21-4adc-933b-819537ba9583&pf_rd_r=SR1A78F8ZX5RPSV4D6CC&psc=1" includes the following Javascript event which may be attacker-controllable: User-input was found in the following data of an [onclick] event: return recordHelpAndNavigate(function() {amz_js_PopWin(this.href,'AmazonHelp','width=550,height=550,resizable=1,scrollbars=1,toolbar=0,status=0');}) The user input was: 1
Instances 1
Solution
Validate all input and sanitize output it before writing to any Javascript on* events.
Reference http://websecuritytool.codeplex.com/wikipage?title=Checks#user-javascript-event
CWE Id 20
WASC Id 20
Plugin Id 10043